Cross-site request forgery In org.keycloak:keycloak-services
Description
JBoss KeyCloak is vulnerable to soft token deletion via CSRF JBoss KeyCloak is vulnerable to soft token deletion via CSRF. This issue is fixed in Keycloak 1.0.2.Final.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 maven | 1.0.2.final |
Aliases
1. 2. 3. 4. 5.
References
1. 2. 3. 4.