CVE-2020-1727
published 2020-06-22CVE-2020-1727: A vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a…
medium5.4CVSS 3.1
AVNACLPRLUINSUCLILAN
A vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | keycloak | < 9.0.2 | 9.0.2 |