Redhat: >> Keycloak >> 4.1.0 Security Vulnerabilities
The SAML broker consumer endpoint in Keycloak before version 4.6.0.Final ignores expiration conditions on SAML assertions. An attacker can exploit this vulnerability to perform a replay attack.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-11-30
Page 6