CVE-2022-1274
keycloak: HTML injection in execute-actions-email Admin REST API
Severity Score
5.4
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.2 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, html injection, memory exhaustion, open redirection, server-side request forgery, and traversal vulnerabilities.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-04-08 CVE Reserved
- 2023-03-02 CVE Published
- 2024-08-02 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725 | Third Party Advisory | |
| https://herolab.usd.de/security-advisories/usd-2021-0033 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=2073157 | 2023-03-01 | |
| https://access.redhat.com/security/cve/CVE-2022-1274 | 2023-03-01 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Redhat Search vendor "Redhat" | Single Sign-on Search vendor "Redhat" for product "Single Sign-on" | >= 7.6 < 7.6.2 Search vendor "Redhat" for product "Single Sign-on" and version " >= 7.6 < 7.6.2" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 7.0 Search vendor "Redhat" for product "Enterprise Linux" and version "7.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Single Sign-on Search vendor "Redhat" for product "Single Sign-on" | >= 7.6 < 7.6.2 Search vendor "Redhat" for product "Single Sign-on" and version " >= 7.6 < 7.6.2" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Single Sign-on Search vendor "Redhat" for product "Single Sign-on" | >= 7.6 < 7.6.2 Search vendor "Redhat" for product "Single Sign-on" and version " >= 7.6 < 7.6.2" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 9.0 Search vendor "Redhat" for product "Enterprise Linux" and version "9.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.9 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.9" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.9 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.9" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux For Ibm Z Systems Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" | 8.0 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.9 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.9" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux For Ibm Z Systems Eus Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" | 8.0 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.9 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.9" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux For Power Little Endian Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" | 8.0 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.9 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.9" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux For Power Little Endian Eus Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" | 8.0 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.10 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.10" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.10 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.10" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux For Ibm Z Systems Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" | 8.0 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.10 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.10" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux For Ibm Z Systems Eus Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" | 8.0 Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.10 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.10" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux For Power Little Endian Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" | 8.0 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 4.10 Search vendor "Redhat" for product "Openshift Container Platform" and version "4.10" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux For Power Little Endian Eus Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" | 8.0 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "8.0" | - |
Safe
|
| Redhat Search vendor "Redhat" | Keycloak Search vendor "Redhat" for product "Keycloak" | < 20.0.5 Search vendor "Redhat" for product "Keycloak" and version " < 20.0.5" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Single Sign-on Search vendor "Redhat" for product "Single Sign-on" | - | text-only |
Affected
| ||||||