CVE-2023-0264 Information

Description

A flaw was found in Keycloaks OpenID Connect user authentication which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality integrity and availability.

Reference

https://access.redhat.com/security/cve/CVE-2023-0264