Description
Keycloak is an open source identity and access management solution.
Acunetix determined that it was possible to access a 'client secret' without authentication.
Remediation
Upgrade to the latest version of Keycloak.