AVG-1373 log

Package keycloak
Status Fixed
Severity Medium
Type privilege escalation
Affected 11.0.3-1
Fixed 12.0.0-1
Current 24.0.3-1 [extra]
Ticket None
Created Fri Dec 18 14:34:21 2020
Issue Severity Remote Type Description
CVE-2020-27826 Medium Yes Privilege escalation
A flaw was found in keycloak versions prior to 12.0.0 where it is possible to update the user's meta-data attributes using Account REST API. It is now...