A flaw was found in Keycloak in versions prior to 9.0.2. This flaw allows a malicious user that is currently logged in, to see the personal information of a previously logged out user in the account manager section.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat keycloak |
||
redhat single sign-on 7.0 |
||
redhat openshift application runtimes - |