Back to bug 2013577
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Marian Rehak | 2021-10-13 09:50:51 UTC | CC | security-response-team | |
| Marian Rehak | 2021-10-13 09:53:54 UTC | Blocks | 2013580 | |
| Paramvir jindal | 2021-10-18 09:06:48 UTC | Summary | EMBARGOED kernel: POST based reflected Cross Site Scripting vulnerability | EMBARGOED keycloak: POST based reflected Cross Site Scripting vulnerability |
| Marian Rehak | 2021-10-19 16:50:55 UTC | Alias | CVE-2021-20323 | |
| Summary | EMBARGOED keycloak: POST based reflected Cross Site Scripting vulnerability | EMBARGOED CVE-2021-20323 keycloak: POST based reflected Cross Site Scripting vulnerability | ||
| Red Hat Bugzilla | 2021-12-31 23:33:48 UTC | CC | almorale | |
| Paramvir jindal | 2022-01-27 12:26:49 UTC | Summary | EMBARGOED CVE-2021-20323 keycloak: POST based reflected Cross Site Scripting vulnerability | EMBARGOED CVE-2021-20323 keycloak-services: POST based reflected Cross Site Scripting vulnerability |
| CC | aileenc, alazarot, anstephe, avibelli, bgeorges, bibryam, cmoulliard, dkreling, etirelli, ggaughan, gmalinko, hbraun, ibek, ikanello, janstey, jochrist, jrokos, jstastny, jwon, kverlaen, lthon, mnovotny, mszynkie, pantinor, pdelbell, peholase, pgallagh, rrajasek, rruss, tzimanyi | boliveir | ||
| Paramvir jindal | 2022-01-27 12:29:25 UTC | Group | qe_staff, security | |
| Summary | EMBARGOED CVE-2021-20323 keycloak-services: POST based reflected Cross Site Scripting vulnerability | CVE-2021-20323 keycloak-services: POST based reflected Cross Site Scripting vulnerability | ||
| Paramvir jindal | 2022-01-27 12:37:40 UTC | Fixed In Version | keycloak 17.0.0 | |
| Marian Rehak | 2022-01-28 11:52:49 UTC | Blocks | 2047718 | |
| Marian Rehak | 2022-03-25 11:02:52 UTC | Doc Text | A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak. | |
| RaTasha Tillery-Smith | 2022-03-29 13:48:32 UTC | Flags | needinfo?(pjindal) | |
| Paramvir jindal | 2022-04-07 05:39:23 UTC | Doc Text | A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak. | A flaw has been found in keycloak version prior to 17.0.0 where clients-registrations endpoint is vulnerable to Cross Site Scripting attack as it allows to execute javascript code on the client side. |
| Flags | needinfo?(pjindal) | |||
| RaTasha Tillery-Smith | 2022-04-07 12:31:12 UTC | Doc Text | A flaw has been found in keycloak version prior to 17.0.0 where clients-registrations endpoint is vulnerable to Cross Site Scripting attack as it allows to execute javascript code on the client side. | A flaw has been found in Keycloak. The clients-registrations endpoint allows execution of javascript code on the client-side, which makes it vulnerable to a Cross-Site Scripting attack. |
| Red Hat Bugzilla | 2022-10-28 13:12:40 UTC | Fixed In Version | keycloak 17.0.0 | keycloak 18.0.0 |
| CC | krathod | |||
| Red Hat Bugzilla | 2022-12-31 23:43:14 UTC | CC | aboyko | |
| Red Hat Bugzilla | 2023-05-15 18:09:11 UTC | CC | drieden | |
| Red Hat Bugzilla | 2023-07-07 08:30:46 UTC | CC | security-response-team | |
| Assignee | security-response-team | nobody | ||
| tyy | 2023-07-21 03:45:37 UTC | CC | vulnthinker |
Back to bug 2013577