CVE-2023-6787 - Keycloak Session Hijacking via Re-authentication Flaw
---
Keycloak is a popular open-source identity and access management tool used by many organizations to secure their web applications. However, in December 2023, a critical
CVE-2023-3597 - Keycloak’s Authentication Bypass via Invalid Step-Up 2FA Registration Explained
---
Keycloak is widely used for single sign-on (SSO) and identity management solutions for both public and enterprise applications. In June 2023, a potential security