CVE-2022-2232 | Keycloak prior 23.0.1 Login UsernameForm ldap injection

Inserito da Angelo Barbosa | Nov 30, 2023 | CVE

A vulnerability classified as problematic has been found in Keycloak. This affects an unknown part of the component Login. The manipulation of the argument UsernameForm leads to ldap injection.

This vulnerability is uniquely identified as CVE-2022-2232. The attack needs to be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2022-2232 | Keycloak prior 23.0.1 Login UsernameForm ldap injection

Post correlati

CVE-2023-6851 | kalcaddle KodExplorer up to 4.51.03 ZIP Archive plugins/zipView/app.php unzipList code injection

CVE-2024-4010 | Icegram Express Email Subscribers Plugin up to 5.7.19 on WordPress handle_ajax_request authorization

CVE-2024-1994 | Image Watermark Plugin up to 1.7.3 on WordPress Watermark Modification authorization

CVE-2024-7306 | SourceCodester Establishment Billing Management System 1.0 /manage_block.php id sql injection