CVE-2021-20222

Improper Input Validation in maven/org.keycloak/keycloak-server-spi-private

Identifier

CVE-2021-20222

Package Slug

maven/org.keycloak/keycloak-server-spi-private

Vulnerability

Improper Input Validation

Description

The new account console in keycloak can allow malicious code to be executed using the referrer URL. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Affected Versions

Version 13.0.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-03-29

source