VDB

RHSA-2020%3A2252

RHSA-2020%3A2252 PUBLISHED CVSS 6.099999904632568 MEDIUM

A flaw was found during the assessment of the Admin Console application for Keycloak, where it was found that Application Links to external applications are not validated properly. An attacker could use this flaw to cause Stored XSS attacks.

Risk Scores

CVSS 3.1
6.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

VendorProductVersions
Red HatRed Hat Runtimes Spring Boot 2.2.6

Timeline

  • Jun 1, 2020 CVE Published
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
  • May 14, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›