keycloak-core: open redirect via "form_post.jwt" JARM response mode

An incomplete fix was found in Keycloak Core patch. An attacker can steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt". It is observed that changing the responsemode parameter in the original proof of concept from "formpost" to "formpost.jwt...

RHEL 8 : Red Hat Single Sign-On 7.6.6 security update on RHEL 8 (Moderate) (RHSA-2024:0095)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0095 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

RHEL 9 : Red Hat Single Sign-On 7.6.6 security update on RHEL 9 (Moderate) (RHSA-2024:0096)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0096 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

CVE-2023-6927

A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134...

CVE-2023-6927

A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134...

CVE-2023-6920

An incomplete fix was found in the Keycloak Core patch. An attacker can steal authorization codes or tokens from clients using a wildcard in the JARM response mode "formpost.jwt". Changing the responsemode parameter in the original proof of concept from "formpost" to "formpost.jwt" can bypass the...