← Back to CVE List
CVE-2022-1438
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt