GHSA-w8v7-c7pm-7wfr — Vulnetix

GHSA-w8v7-c7pm-7wfr REJECTED CVSS 8.5 HIGH

Duplicate Advisory: Keycloak vulnerable to Cross-Site Scripting (XSS)

Risk Scores

CVSS 4.0

8.5

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
Maven	org.keycloak:keycloak-core	0, 1.0-alpha-1, 1.0-alpha-1-12062013

Timeline

Dec 2, 2024 CVE Rejected
Dec 2, 2024 CVE Updated
Mar 2, 2026 Security Advisory

References

https://github.com/keycloak/keycloak/security/advisories/GHSA-w9mf-83w3-fv49 url
https://nvd.nist.gov/vuln/detail/CVE-2022-2256 vendor-advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2101942 url
https://github.com/keycloak/keycloak product
GitHub Advisory GHSA-w8v7-c7pm-7wfr vendor-advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›