High severity · NVD Advisory · Published Mar 23, 2021 · Updated Aug 3, 2024
CVE-2021-20222
Description
A flaw was found in Keycloak. The new account console in Keycloak can allow malicious code to be executed using the referrer URL. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.keycloak:keycloak-parent (Maven) | >= 9.0.0, < 12.0.3 | 12.0.3 |
References
- github.com/advisories/GHSA-2mq8-99q7-55wx (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2021-20222 (ghsa, ADVISORY)
- access.redhat.com/security/cve/cve-2021-20222 (ghsa, WEB)
- bugzilla.redhat.com/show_bug.cgi (ghsa, x_refsource_MISC, WEB)
- github.com/keycloak/keycloak/commit/3b80eee5bfdf2b80c47465c0f2eaf70074808741 (ghsa, WEB)