CVE-2020-1727
maven/org.keycloak/keycloak-services
Improper Input Validation
A vulnerability was found in Keycloak where every Authorization URL that points to an IDP server lacks proper input validation. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients.
All versions before 9.0.2
Upgrade to version 9.0.2 or above.
2020-06-30
source |