Keycloak: xss via assertion consumer service url in saml post-binding flow
CVE-2023-6717

6MEDIUM

Key Information:

Status
Red Hat AMQ Broker 7
Red Hat Build Of Keycloak 22
Red Hat Build Of Keycloak 22.0.10
Vendor
CVE Published:
25 April 2024

What is CVE-2023-6717?

A vulnerability exists within the SAML client registration feature of Keycloak that can enable a malicious administrator to register harmful JavaScript URIs as Assertion Consumer Service POST Binding URLs. This presents a Cross-Site Scripting (XSS) threat, where an attacker with administrative privileges in one realm or client with registration access can target users across different realms or applications. Upon form submission, the execution of arbitrary JavaScript in the user’s context can occur, potentially leading to unauthorized access and harmful actions, which jeopardizes the confidentiality, integrity, and availability of the entire Keycloak instance.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://access.redhat.com/errata/RHSA-2024:1353
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1867
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1868
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

JSON
.