CVE-2024-1249 | Keycloak checkLoginIframe cross-domain policy

Inserito da Angelo Barbosa | Apr 16, 2024 | CVE

A vulnerability was found in Keycloak and classified as problematic. This issue affects the function checkLoginIframe. The manipulation leads to permissive cross-domain policy with untrusted domains.

The identification of this vulnerability is CVE-2024-1249. Access to the local network is required for this attack. There is no exploit available.

CVE-2024-1249 | Keycloak checkLoginIframe cross-domain policy

Post correlati

CVE-2024-34579 | Fuji Electric Alpha5 C5V File Parser stack-based overflow

CVE-2024-24213 | Supabase PostgreSQL 15.1 /pg_meta/default/query sql injection

CVE-2024-24712 | Heateor Social Login Plugin up to 1.1.30 on WordPress Shortcode cross site scripting

CVE-2022-40700 | Confirm Data Plugin on WordPress server-side request forgery