A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege users to access administrative functionalities. This flaw allows users to perform actions reserved for administrators, potentially leading to data breaches or system compromise.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| org.keycloak:keycloak-services(Maven) | 0 | 24.0.5 | N/A |
CVSS Metrics
