Description
It was found that Keycloak's SAML broker, versions up to 6.0.1, did not verify missing message signatures. If an attacker modifies the SAML Response and removes the
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10201