CVE-2022-2256

Published
View on NVD ↗
CVSS v3
3.8
LOW
CVSS v2
N/A
Affected
1
PROJECT

Description

A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality.

keycloak/keycloak
keycloak/keycloak
Open Source Identity and Access Management For Modern Applications and Services
GitHubGitHub
35.1K