A flaw was found in the redirect_uri... CVE-2023-6291

- AV AC AU C I A
发布: 2024-01-26
修订: 2024-02-14

A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.

0%
暂无可用Exp或PoC
当前有16条受影响产品信息