A vulnerability was found in Keycloak. A CSRF attack can be performed in the My Resources functionality in the Account Console. The attacker can trick the user into performing operations by using social engineering or any other means that can result in a request to Keycloak from an untrusted domain.
This issue has been addressed in the following products:
Red Hat Single Sign-On 7.3.3 zip
Via RHSA-2019:2483 https://access.redhat.com/errata/RHSA-2019:2483
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):