Vulnerabilities > Redhat > Single Sign ON > Low

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2022-09-01 | CVE-2022-2256 | Cross-site Scripting vulnerability in Redhat Single Sign-On 7.0 | A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. | network, low complexity, redhat, CWE-79, 3.8 |
| 2021-02-11 | CVE-2020-10734 | Unspecified vulnerability in Redhat products | A vulnerability was found in keycloak in the way that the OIDC logout endpoint does not have CSRF protection. | local, low complexity, redhat, 3.3 |
| 2021-02-11 | CVE-2020-1717 | Information Exposure Through an Error Message vulnerability in Redhat products | A flaw was found in Keycloak 7.0.1. | network, low complexity, redhat, CWE-209, 2.7 |
| 2021-01-12 | CVE-2020-14341 | Unspecified vulnerability in Redhat Single Sign-On | The "Test Connection" available in v7.x of the Red Hat Single Sign On application console can permit an authorized user to cause SMTP connections to be attempted to arbitrary hosts and ports of the user's choosing, and originating from the RHSSO installation. | network, low complexity, redhat, 2.7 |