EPSS Percentile: 70.7%
Keycloak services is vulnerable to cross-site request forgery (CSRF) attacks. These attacks are possible because the cookie used was not unique for each session, allowing an attacker to gain access to an authenticated user's session.
www.securityfocus.com/bid/101601
access.redhat.com/errata/RHSA-2017:2904
access.redhat.com/errata/RHSA-2017:2905
access.redhat.com/errata/RHSA-2017:2906
bugzilla.redhat.com/show_bug.cgi?id=1484111