Keycloak Update 22.0.1 (MINDBREEZE28058)

ID: MINDBREEZE28058 
Affected Components: Mindbreeze InSpire G7, Mindbreeze InSpire SaaS 
Severity: 6.1 Medium 
Status: Final 
First published: October 30, 2023 
CVEs: CVE-2022-4361 

Summary

• CVE-2022-4361 keycloak cross-site scripting (XSS) vulnerability in the SAML or OIDC providers

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 23.6 Release 

• Mindbreeze InSpire SaaS 23.6 Release