CVE-2023-0091

Incorrect Authorization in npm/keycloak-connect

Identifiers

CVE-2023-0091

Package Slug

npm/keycloak-connect

Vulnerability

Incorrect Authorization

Description

A flaw was found in Keycloak, where it does not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-01-24

source