85 matches found
Improper Redirect URI Validation
@cloudflare/workers-oauth-provider is vulnerable to improper redirect URI validation. The vulnerability is due to missing validation of the redirecturi during the authorization step, allowing attackers to intercept authorization codes by supplying unapproved redirect URIs...
Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
GHSA-W8GR-XWP4-R9F7 Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost/ or http://127.0.0.1/, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost/ or http://127.0.0.1/, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
GHSA-VVF8-2H68-9475 Duplicate Advisory: Keycloak Open Redirect vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w8gr-xwp4-r9f7. This link is maintained to preserve external references. Original Description A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL...
Duplicate Advisory: Keycloak Open Redirect vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w8gr-xwp4-r9f7. This link is maintained to preserve external references. Original Description A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL...
Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
CVE-2024-8883
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
CVE-2024-8883
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
CVE-2024-8883
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
CVE-2024-8883
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially...
Red Hat Keycloak 输入验证错误漏洞
Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. An input validation error vulnerability exists in Red Hat Keycloak versions prior to 25.0.6, which stems from a configuration error that allows...
PT-2024-39298 · Red Hat · Keycloak
Name of the Vulnerable Software and Affected Versions: Keycloak affected versions not specified Description: A misconfiguration flaw was found in Keycloak, allowing an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1. This...