CVE-2014-3709
18.10.2017, 14:29
The org.keycloak.services.resources.SocialResource.callback method in JBoss KeyCloak before 1.0.3.Final allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging lack of CSRF protection.
Vendor | Product | Version |
---|---|---|
keycloak | keycloak | 𝑥 ≤ 1.0.2.final |
𝑥 = Vulnerable software versions
Common Weakness Enumeration