Red Hat · Keycloak · CVE-2021-20222
Name of the Vulnerable Software and Affected Versions:
keycloak (affected versions not specified)
Description:
A flaw was found in the new account console of keycloak, allowing malicious code to be executed using the referrer URL. The highest threat from this issue is to data confidentiality and integrity as well as system availability.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.