Skip to content

Commit

Permalink
Merge pull request #5111 from Chetven/GHSA-w8gr-xwp4-r9f7
Browse files Browse the repository at this point in the history
  • Loading branch information
advisory-database[bot] authored Dec 20, 2024
2 parents a26e490 + e46ff5a commit bb75668
Showing 1 changed file with 4 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,9 @@
"id": "GHSA-w8gr-xwp4-r9f7",
"modified": "2024-10-14T20:55:22Z",
"published": "2024-10-14T20:55:22Z",
"aliases": [],
"aliases": [
"CVE-2024-8883"
],
"summary": "Vulnerable Redirect URI Validation Results in Open Redirect",
"details": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost/ or http://127.0.0.1/, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"severity": [
Expand Down Expand Up @@ -99,4 +101,4 @@
"github_reviewed_at": "2024-10-14T20:55:22Z",
"nvd_published_at": null
}
}
}

0 comments on commit bb75668

Please sign in to comment.