Keycloak: CSRF Vulnerability via Missing Authentication Token
by the Hossted team
09.09.2024

A low-severity vulnerability, CVE-2024-5203, was detected in all versions of Keycloak. The authentication POST request does not carry a unique, per-session token, so nothing ties a submitted login form to the browser session that requested it. An attacker can therefore host a fake login page that silently submits a login to the real Keycloak server with attacker-controlled credentials, leaving the victim signed in to an account the attacker controls (a login CSRF). Anything the victim then enters or stores while in that session lands in the attacker's account. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-5203.
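The following is an added illustrative model of the flaw class described above, not Keycloak's code or the Hossted team's: a tiny stand-in for an identity provider's /login endpoint that can run with or without an anti-CSRF token bound to the requester's pre-login session. The server class, the constructed user store (`alice`, and the attacker-owned `mallory`) and the helper functions are all assumptions made for this example. Without the token, the attacker's auto-submitting form logs the victim in as `mallory`; with it, the same POST is rejected, and so is a POST carrying a token the attacker fetched in their own session, because the token is checked against the session that sends it.

```python
"""Login CSRF: why the authentication POST needs a per-session token.

Illustrative model only (not Keycloak code): a minimal /login endpoint
that can be run with or without an anti-CSRF token bound to the
pre-login session cookie.
"""
from __future__ import annotations

import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

# Constructed user store for the example; the attacker controls "mallory".
USERS = {"alice": "correct horse", "mallory": "attacker-pw"}
ATTACKER_CREDENTIALS = {"username": "mallory", "password": "attacker-pw"}


@dataclass
class Session:
    """Anonymous pre-login session, identified by a cookie value."""
    session_id: str
    login_token: Optional[str] = None  # issued with the login form, single use
    user: Optional[str] = None         # set once authentication succeeds


class AuthServer:
    """Hypothetical identity provider with a switchable login-CSRF check."""

    def __init__(self, require_login_token: bool) -> None:
        self.require_login_token = require_login_token
        self.sessions: dict[str, Session] = {}

    def new_session(self) -> Session:
        s = Session(session_id=secrets.token_urlsafe(16))
        self.sessions[s.session_id] = s
        return s

    def render_login_form(self, session_id: str) -> dict:
        """GET /login: the form embeds a fresh token tied to *this* session."""
        s = self.sessions[session_id]
        s.login_token = secrets.token_urlsafe(32)
        return {"action": "/login", "hidden": {"login_token": s.login_token}}

    def handle_login_post(self, session_id: Optional[str], form: dict) -> tuple[str, Session]:
        """POST /login. A browser with no session cookie gets a new session,
        as on any first visit. Returns (status, session)."""
        s = self.sessions.get(session_id) if session_id else None
        if s is None:
            s = self.new_session()
        if self.require_login_token:
            sent = form.get("login_token", "")
            # Reject when no token was issued to this session or the one sent
            # does not match it; compare_digest keeps the check constant-time.
            if not s.login_token or not hmac.compare_digest(sent, s.login_token):
                return "csrf_rejected", s
            s.login_token = None  # single use
        if USERS.get(form.get("username")) != form.get("password"):
            return "bad_credentials", s
        s.user = form["username"]
        return "ok", s


def run_login_csrf(require_login_token: bool, attacker_reuses_own_token: bool = False) -> tuple[str, Optional[str]]:
    """Simulate the attacker's auto-submitting form being POSTed from the
    victim's browser. Returns (status, account the victim is now logged in as)."""
    server = AuthServer(require_login_token)
    form = dict(ATTACKER_CREDENTIALS)
    if attacker_reuses_own_token:
        # The attacker fetches the login page in their own session and pastes
        # that token into the forged form; it is bound to the wrong session.
        mallory = server.new_session()
        form["login_token"] = server.render_login_form(mallory.session_id)["hidden"]["login_token"]
    status, victim = server.handle_login_post(None, form)  # victim had no session cookie yet
    return status, victim.user


def run_legit_login(username: str, password: str) -> tuple[str, Optional[str]]:
    """Normal flow on the protected server: GET the form, then POST it back."""
    server = AuthServer(require_login_token=True)
    s = server.new_session()
    form = dict(server.render_login_form(s.session_id)["hidden"])
    form.update(username=username, password=password)
    status, s = server.handle_login_post(s.session_id, form)
    return status, s.user


if __name__ == "__main__":
    print("no token required :", run_login_csrf(False))                        # ('ok', 'mallory')
    print("token required    :", run_login_csrf(True))                         # ('csrf_rejected', None)
    print("attacker's token  :", run_login_csrf(True, True))                   # ('csrf_rejected', None)
    print("legitimate login  :", run_legit_login("alice", "correct horse"))    # ('ok', 'alice')
```

The binding to the pre-login session is the part that matters: a token that is merely random, but not tied to the cookie of the browser that submits it, can be harvested by the attacker from their own login page and embedded in the forged form, which is the `attacker_reuses_own_token` case above.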