CVE-2020-10748 - AskarLabs CVE Database

CVE-2020-10748

Vendor N/A

Product keycloak

Weakness CWE-79 · XSS

Published September 16, 2020

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks.

Key dates

02Disclosure timeline

September 16, 2020 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-10748

Related vulnerabilities

04Related CVE

CVE-2024-9064 Elementor Inline SVG <= 1.2.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload CVE-2023-50357 Cross site scripting vulnerability in AREAL SAS Webserv1 ASP Web Site CVE-2025-62729 Stored XSS in SOPlanning CVE-2025-55106 BUG-000173171 ArcGIS Enterprise Sites has a Cross-site Scripting vulnerability. CVE-2022-50588 Nagios XI < 5.8.9 Stored XSS in Update Checking