Bug 2253952 (CVE-2023-6717)
| Field | Value | Field | Value |
|---|---|---|---|
| Summary: | CVE-2023-6717 keycloak: XSS via assertion consumer service URL in SAML POST-binding flow | | |
| Product: | [Other] Security Response | Reporter: | TEJ RATHI <trathi> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | | |
| Version: | unspecified | CC: | aileenc, anstephe, asoldano, ataylor, aveerama, avibelli, bbaranow, bgeorges, bmaxwell, boliveir, brian.stansberry, cdewolf, chazlett, clement.escoffier, dandread, darran.lofthouse, dhanak, dkreling, dosoudil, dpalmer, drichtar, dsimansk, ecerquei, eric.wittmann, fjuma, gercan, gmalinko, gsmet, ibek, ivassile, iweiss, janstey, jchui, jmartisk, jrokos, jross, kingland, ktsao, kverlaen, lgao, lthon, matzew, max.andersen, mnovotny, mosmerov, msochure, mstefank, msvehla, mulliken, nboldt, nwallace, olubyans, pantinor, pdelbell, pdrozd, peholase, pgallagh, pierdipi, pjindal, pmackay, porcelli, probinso, pskopek, rgarg, rguimara, rhuss, rjohnson, rkieley, rowaters, rruss, rstancel, rsvoboda, rtaniwa, sausingh, sbiarozk, sdouglas, security-response-team, shbose, skontopo, smaestri, sthorger, tkral, tom.jenkinson, tqvarnst, ubhargav |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | | Doc Type: | If docs needed, set a value |

Doc Text:
A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript (`javascript:`) URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm, or a client with registration access, to target users in different realms or applications, executing arbitrary JavaScript in their contexts upon form submission. This can enable unauthorized access and harmful actions, compromising the confidentiality, integrity, and availability of the complete Keycloak instance.
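The sink described above is the POST-binding form that the IdP renders with the client's ACS URL as its `action`: HTML-escaping the attribute does not help when the URL itself carries a `javascript:` scheme, so the defence is a scheme allowlist applied when the URL is registered and before the form is rendered. The following is an added example, not Keycloak's own code or the fix shipped in the errata above. It validates ACS URLs with an allowlist, renders the POST-binding form only for URLs that pass, and audits a constructed client export for bad entries. The attribute name `saml_assertion_consumer_url_post` is assumed to match the key Keycloak uses in its client representation; check it against your own export before relying on it, and treat the `SAMPLE_CLIENTS` data as constructed.

```python
"""Allowlist validation for SAML Assertion Consumer Service (ACS) URLs.

Added example for CVE-2023-6717; not Keycloak's code. Demonstrates why a
scheme allowlist (not output escaping) is the control for this bug class.
"""
import html
from urllib.parse import urlsplit

ALLOWED_SCHEMES = frozenset({"http", "https"})
# Assumed to match Keycloak's client attribute key for the POST-binding ACS URL.
ACS_POST_ATTRIBUTE = "saml_assertion_consumer_url_post"


def validate_acs_url(url: str) -> tuple[bool, str]:
    """Return (ok, reason). Only absolute http(s) URLs with a host are accepted.

    Denylisting 'javascript:' is fragile (case, embedded tabs, 'data:' and
    friends); allowlisting the schemes an SP can legitimately use is not.
    """
    if not isinstance(url, str) or not url:
        return False, "empty URL"
    # A real ACS URL never contains whitespace or control characters. Browsers
    # and URL parsers strip some of them, which is how 'java\tscript:' slips past
    # a naive prefix check, so reject them outright before parsing.
    if any(ord(c) <= 0x20 or ord(c) == 0x7F for c in url):
        return False, "control or whitespace character in URL"
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {scheme or '(none)'!r} not allowed"
    if not parts.hostname:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL"
    return True, "ok"


def build_post_binding_form(acs_url: str, saml_response_b64: str) -> str:
    """Render the auto-submitting POST-binding form, refusing unvalidated ACS URLs.

    Escaping the attribute value prevents breaking out of the quotes; it does
    nothing against a 'javascript:' action, hence the validate-first gate.
    """
    ok, reason = validate_acs_url(acs_url)
    if not ok:
        raise ValueError(f"refusing to render POST-binding form: {reason}")
    return (
        f'<form method="post" action="{html.escape(acs_url, quote=True)}">'
        f'<input type="hidden" name="SAMLResponse" '
        f'value="{html.escape(saml_response_b64, quote=True)}">'
        '<noscript><button type="submit">Continue</button></noscript>'
        "</form><script>document.forms[0].submit();</script>"
    )


def audit_clients(clients: list[dict]) -> list[tuple[str, str, str]]:
    """Defender check: list (clientId, acs_url, reason) for every bad ACS URL."""
    findings = []
    for client in clients:
        acs = client.get("attributes", {}).get(ACS_POST_ATTRIBUTE)
        if acs is None:
            continue  # no POST-binding ACS configured for this client
        ok, reason = validate_acs_url(acs)
        if not ok:
            findings.append((client["clientId"], acs, reason))
    return findings


# Constructed sample resembling a realm export; not real data.
SAMPLE_CLIENTS = [
    {"clientId": "payroll-sp",
     "attributes": {ACS_POST_ATTRIBUTE: "https://payroll.example.com/saml/acs"}},
    {"clientId": "legacy-sp",
     "attributes": {ACS_POST_ATTRIBUTE: "javascript:void(0)"}},
    {"clientId": "oidc-only", "attributes": {}},
]


if __name__ == "__main__":
    for finding in audit_clients(SAMPLE_CLIENTS):
        print("BAD ACS URL:", finding)
    print(build_post_binding_form("https://payroll.example.com/saml/acs", "PHNhbWw+"))
```

Run it against a JSON export of your realm's clients (`kcadm.sh get clients` or the admin console export) by loading the list into `audit_clients`. If your deployment relies on relative ACS paths, resolve them against the client's trusted base URL first and validate the resulting absolute URL; never let the allowlist be bypassed by "relative" input that is really a scheme-relative `//host` reference.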
| Field | Value | Field | Value |
|---|---|---|---|
| Story Points: | --- | | |
| Clone Of: | | Environment: | |
| Last Closed: | | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | | | |
| Bug Blocks: | 2253608 | | |
Description
TEJ RATHI
2023-12-11 08:34:32 UTC
This issue has been addressed in the following products: Red Hat build of Keycloak 22.0.10 Via RHSA-2024:1868 https://access.redhat.com/errata/RHSA-2024:1868

This issue has been addressed in the following products: Red Hat build of Keycloak 22 Via RHSA-2024:1867 https://access.redhat.com/errata/RHSA-2024:1867