CVE-2020-1727

Improper Input Validation in maven/org.keycloak/keycloak-services

Identifiers

CVE-2020-1727

Package Slug

maven/org.keycloak/keycloak-services

Vulnerability

Improper Input Validation

Description

A vulnerability was found in Keycloak where every Authorization URL that points to an IDP server lacks proper input validation. This flaw allows a malicious actor to craft deep links that introduce further attack scenarios on affected clients.

Affected Versions

All versions before 9.0.2

Solution

Upgrade to version 9.0.2 or above.

Last Modified

2020-06-30
