Writeup: Keycloak open redirect (CVE-2023-6927)

CVE-2023-6927 Keycloak vulnerability allows bypassing redirect URI validation which can be used as a vector for stealing authorization codes, access tokens and be used to redirect victims to arbitrary hosts.

Related Keywords

Mozilla Firefox ,Kasper Karlsson ,Pontus Hanssen ,Key For Code Exchange , ,Code Exchange ,Open Source Identity ,Access Management ,Authorization Response Mode ,Google Chrome ,Identity Providers ,Identity Provider ,