Lucene search
Veracode Vulnerability DatabaseVERACODE:5341HistoryOct 27, 2017 - 2:09 a.m.
Cross-site Request Forgery (CSRF)
2017-10-2702:09:32
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
EPSS
0.003
Percentile
70.7%
Keycloak services is vulnerable to cross-site request forgery (CSRF) attacks. These attacks are possible because the cookie used was not unique for each session allowing an attacker to gain access to an authenticated users session.
Related
prion
prion
Information disclosure
2017-10-26 17:29:00
redhatcve
redhatcve
CVE-2017-12159
2019-10-06 20:47:35
github
github
Keycloak CSRF Vulnerability
2022-05-13 01:38:14
cvelist
cvelist
CVE-2017-12159
2017-10-17 00:00:00
nvd
nvd
CVE-2017-12159
2017-10-26 17:29:00
osv
osv
CGA-mrv4-ccrx-m6pr
2024-06-06 12:28:34
Keycloak CSRF Vulnerability
2022-05-13 01:38:14
cve
cve
CVE-2017-12159
2017-10-26 17:29:00
nessus
nessus
RHEL 6 : rh-sso7-keycloak (RHSA-2017:2904)
2017-10-19 00:00:00
RHEL 7 : rh-sso7-keycloak (RHSA-2017:2905)
2017-10-19 00:00:00
redhat
redhat
(RHSA-2017:2904) Moderate: rh-sso7-keycloak security update
2017-10-17 19:40:36
(RHSA-2017:2906) Moderate: Red Hat Single Sign-On security update
2017-10-17 19:41:35
(RHSA-2017:2905) Moderate: rh-sso7-keycloak security update
2017-10-17 19:40:56