Filtered by vendor Michaelkelly Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-49594 1 Michaelkelly 1 Duouniversalkeycloakauthenticator 2024-11-21 4.5 Medium
An information disclosure vulnerability exists in the challenge functionality of instipod DuoUniversalKeycloakAuthenticator 1.0.7 plugin. A specially crafted HTTP request can lead to a disclosure of sensitive information. A user logging into Keycloak using DuoUniversalKeycloakAuthenticator plugin triggers this vulnerability.