keycloak-services is vulnerable to cross-site request forgery (CSRF) attacks. The library does not include CSRF protection mechanisms, allowing attackers with valid session cookies to perform CSRF attacks.
CPE | Name | Operator | Version |
---|---|---|---|
keycloak rest services | le | 1.0-beta-2 | |
keycloak rest services | le | 1.0.2.Final |