VDB
RHSA-2020%3A2252
RHSA-2020%3A2252
PUBLISHED
CVSS 6.099999904632568 MEDIUM
A flaw was found during the assessment of the Admin Console application for Keycloak, where it was found that Application Links to external applications are not validated properly. An attacker could use this flaw to cause Stored XSS attacks.
Risk Scores
CVSS 3.1
6.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Runtimes Spring Boot 2.2.6 |
Timeline
- Jun 1, 2020 CVE Published
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 14, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2020:2252 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=catRhoar.spring.boot&version=2.2.6 advisory
- https://access.redhat.com/documentation/en-us/red_hat_support_for_spring_boot/ advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1790292 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1791538 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1796756 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1800527 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1800573 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1805792 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2252.json advisory
- https://access.redhat.com/security/cve/CVE-2020-1697 advisory
- https://www.cve.org/CVERecord?id=CVE-2020-1697 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-1697 advisory
- https://access.redhat.com/security/cve/CVE-2020-1698 advisory
- https://www.cve.org/CVERecord?id=CVE-2020-1698 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-1698 advisory
- https://access.redhat.com/security/cve/CVE-2020-1718 advisory
- https://www.cve.org/CVERecord?id=CVE-2020-1718 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-1718 advisory
…and 9 more