Critical Vulnerability Information

Advisory ID: RHSA-2025:11638
Release Date: 2025-07-23
Update Date: 2025-07-23
Type/Severity: Security Advisory - Moderate
Subject: Red Hat Single Sign-On 7.6.12 Security Update Available for RHEL 7

Description:
- Red Hat Single Sign-On 7.6 is a standalone server based on the Keycloak project, providing authentication and standard single sign-on capabilities for web and mobile applications.
- This release of Red Hat Single Sign-On 7.6.12 for RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.11 and includes fixes and enhancements, detailed in the release notes documentation referenced below.

This security update has a moderate impact.

Security Fixes:
- org.wildfly.core/wildfly-core-management-client: Wildfly vulnerable to Cross-Site Scripting (XSS) (CVE-2024-10234)

Solution:
Before applying this update, ensure that all previously released errata relevant to your system have been applied.
For detailed instructions on how to apply this update, see: https://access.redhat.com/articles/11258

Affected Products:
- Red Hat Single Sign-On 7.6 for RHEL 7 x86_64

Fixes:
- BZ - 2320848 - CVE-2024-10234 wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)

CVEs:
- CVE-2024-10234

References:
- https://access.redhat.com/security/updates/classification/#moderate