CNNVD-202509-721 Information
Sep 05, 2025
CNNVD ID
CNNVD-202509-721
Related CVE
- CNNVD Published: 2025-09-05
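Description (translated from Chinese)
Red Hat build of Keycloak is a web application for single sign-on from Red Hat, a US company. Red Hat build of Keycloak has a cross-site scripting vulnerability that stems from improper handling of the error_description parameter and may lead to phishing attacks.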
Description (English)
Red Hat build of Keycloak is a web application for single sign-on by Red Hat. Red Hat build of Keycloak has a cross-site scripting vulnerability, which stems from incorrect handling of the error_description parameter and may lead to phishing attacks.
Hazard Level
High
Vulnerability Type
Cross-site scripting
Affected Vendor
RedisBloom
Published
2025-09-05
Last Modified
2026-02-24
References
https://access.redhat.com/security/cve/CVE-2025-10044
https://bugzilla.redhat.com/show_bug.cgi?id=2393551
https://vigilance.fr/vulnerability/Keycloak-spoofing-via-Error-Description-Injection-48421