CVE-2021-20262 log

Severity Medium
Remote Yes
Type Authentication bypass
A security issue was found in Keycloak where re-authentication does not occur while updating the password. This flaw allows an attacker to take over an account if they can obtain temporary, physical access to a user’s browser.
Group Package Affected Fixed Severity Status Ticket
AVG-1332 keycloak 15.0.2-1 16.0.0-1 High Fixed