A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
No data.
Vulnrichment
No data.
NVD
No data.
Redhat