CVE-2021-20222

Severity: High
Remote: Yes
Type: Cross-site scripting
Description
A security issue was found in Keycloak before version 13.0.0. The new account console in Keycloak can allow malicious code to be executed using the referrer URL.
Group     Package   Affected  Fixed     Severity  Status  Ticket
AVG-1926  keycloak  12.0.4-1  13.0.0-1  High      Fixed
References
https://bugzilla.redhat.com/show_bug.cgi?id=1924606
https://issues.redhat.com/browse/KEYCLOAK-17033
https://github.com/keycloak/keycloak/pull/7868
https://github.com/keycloak/keycloak/commit/3b80eee5bfdf2b80c47465c0f2eaf70074808741