Description
It was found that Keycloak's SAML broker, versions up to 6.0.1, did not verify missing message signatures. If an attacker modifies the SAML Response and removes the
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10201