CVE-2020-10776

Published: Nov 17, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_uri parameter. This flaw allows an attacker to perform a Cross-site scripting attack.

Vendor	Product	Versions
n/a	keycloak	affected `before version 12.0.0`

Weaknesses (CWE)

CWE-79

References

https://bugzilla.redhat.com/show_bug.cgi?id=1847428

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-10776

Description

Affected Products

Weaknesses (CWE)

References