Vigil@nce - Keycloak: Cross Site Scripting via Default Roles Functionality, analyzed on 05/10/2022
December 2022 by Vigil@nce
An attacker can trigger a Cross Site Scripting of Keycloak, via Default Roles Functionality, in order to run JavaScript code in the context of the web site.
Plus d'information sur : https://vigilance.fr/vulnerability/Keycloak-Cross-Site-Scripting-via-Default-Roles-Functionality-39468