CVE-2023-6291
- CVSS v3.1: 7.1 (High)
- EPSS: 0.14% (51st)
- Affected Products: 8
- Advisories: 1
A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.
- CVE Status: PUBLISHED
- CNA: Red Hat, Inc.
- Published Date: 2024-01-26 15:15:08 (7 months ago)
- Updated Date: 2024-02-14 03:15:14 (7 months ago)