Lucene search
Veracode Vulnerability DatabaseVERACODE:5293HistoryOct 19, 2017 - 11:01 a.m.
Cross-Site Request Forgery (CSRF)
2017-10-1911:01:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.004 Low
EPSS
Percentile
74.7%
keycloak-services is vulnerable to cross-site request forgery (CSRF) attacks. The library does not include CSRF protection mechanisms, allowing attackers with valid session cookies to perform CSRF attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| keycloak rest services | le | 1.0-beta-2 | |
| keycloak rest services | le | 1.0.2.Final |
Related
prion
prion
Cross site request forgery (csrf)
2017-10-18 14:29:00
cvelist
cvelist
CVE-2014-3709
2017-10-18 14:00:00
cve
cve
CVE-2014-3709
2017-10-18 14:29:00
osv
osv
JBoss Keycloak CSRF Vulnerability
2022-05-17 00:26:04
nvd
nvd
CVE-2014-3709
2017-10-18 14:29:00
github
github
JBoss Keycloak CSRF Vulnerability
2022-05-17 00:26:04