Basic Information

- CVSS Score: -
- CVE ID: -
- GHSA ID: -
- EPSS Score: -
- CWE: -
- Published: -
- Updated: -
- KEV Status: -
- Technology: -

The vulnerability stems from insufficient validation of user-controlled ACS URLs in SAML client configurations. Keycloak's SAML processing flow places these URLs directly into HTML form actions without checking the URI scheme, so javascript: URIs are passed through unchanged. The functions responsible for (1) validating redirect URIs during SAML response processing (SamlProtocolUtils.verifyRedirectUri) and (2) validating client configuration endpoints (ClientValidationProvider.validateSamlEndpoints) would be the logical points where proper URI scheme validation was missing. These locations align with the described XSS mechanism (HTML form injection via javascript: URIs) and with the CWE-20/CWE-79 classifications.

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.keycloak:keycloak-services | maven | < 22.0.10 | 22.0.10 |
| org.keycloak:keycloak-services | maven | >= 23.0.0, < 24.0.3 | 24.0.3 |
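
As an added illustration (not Keycloak's code), the Python stand-in below shows the form-action pattern the advisory describes next to a scheme-allowlist check of the kind that closes it; the function and class names, the POST-binding form layout and the sample URLs are assumptions.

```python
import html
from urllib.parse import urlsplit

# Schemes acceptable for a SAML Assertion Consumer Service (ACS) URL.
ALLOWED_SCHEMES = {"http", "https"}


class InvalidAcsUrl(ValueError):
    """Raised when a client-supplied ACS URL fails the scheme/host check."""


def validate_acs_url(url: str) -> str:
    """Return the cleaned URL if it is an absolute http(s) URL, else raise.
    Hypothetical stand-in for the scheme validation the advisory says was
    missing; it is not Keycloak's SamlProtocolUtils or ClientValidationProvider."""
    cleaned = url.strip()
    # Browser URL parsers drop tabs and newlines, so "java\tscript:" reads as a
    # javascript: URI to the browser. Reject control characters outright instead
    # of reasoning about differences between server-side and browser parsing.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in cleaned):
        raise InvalidAcsUrl("control character in ACS URL")
    parts = urlsplit(cleaned)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise InvalidAcsUrl(f"disallowed scheme: {parts.scheme!r}")
    if not parts.netloc:
        raise InvalidAcsUrl("ACS URL must be absolute and name a host")
    return cleaned


def is_valid_acs_url(url: str) -> bool:
    try:
        validate_acs_url(url)
        return True
    except InvalidAcsUrl:
        return False


def render_post_binding_form_unchecked(acs_url: str, saml_response_b64: str) -> str:
    # The defective pattern: the client-configured URL becomes the form action
    # as-is, so a javascript: URI turns the auto-submit page into an XSS sink.
    return (f'<form method="post" action="{acs_url}">'
            f'<input type="hidden" name="SAMLResponse" value="{saml_response_b64}"/>'
            "</form>")


def render_post_binding_form(acs_url: str, saml_response_b64: str) -> str:
    # Hardened: allowlist the scheme first, then escape for the attribute context.
    safe_url = html.escape(validate_acs_url(acs_url), quote=True)
    safe_resp = html.escape(saml_response_b64, quote=True)
    return (f'<form method="post" action="{safe_url}">'
            f'<input type="hidden" name="SAMLResponse" value="{safe_resp}"/>'
            "</form>")
```

The sample values are constructed; in a deployment the scheme check belongs wherever the ACS URL is accepted (client registration) as well as where it is rendered.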