CVE-2024-4028

A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource and Permissions) from the admin console, leading to a stored cross-site scripting (XSS) attack. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt