CVE | CVE-2022-3782 |
CVE Title | |
Published Date | 2023-01-13T06:15Z |
Modified Date | 2023-01-13T14:01Z |
Description | keycloak: path traversal via double URL encoding. A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field. |
References | |
By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites. | |
Reference URL | https://access.redhat.com/security/cve/CVE-2022-3782 |
Reference Description | MISC https://access.redhat.com/security/cve/CVE-2022-3782 |
Reference Description | |
Sources | NIST MITRE |
Note
- No CVSS data for this CVE