Vulnerabilities > Redhat > Single Sign ON > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-01 | CVE-2022-2256 | Cross-site Scripting vulnerability in Redhat Single Sign-On 7.0 A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. | 3.8 |
2021-02-11 | CVE-2020-10734 | Unspecified vulnerability in Redhat products A vulnerability was found in keycloak in the way that the OIDC logout endpoint does not have CSRF protection. | 3.3 |
2021-02-11 | CVE-2020-1717 | Information Exposure Through an Error Message vulnerability in Redhat products A flaw was found in Keycloak 7.0.1. | 2.7 |
2021-01-12 | CVE-2020-14341 | Unspecified vulnerability in Redhat Single Sign-On The "Test Connection" available in v7.x of the Red Hat Single Sign On application console can permit an authorized user to cause SMTP connections to be attempted to arbitrary hosts and ports of the user's choosing, and originating from the RHSSO installation. | 2.7 |