Security Advisory

CVE-2023-6927

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-18 22:59:07

Last updated 2025-11-11 15:55:11

Assigner redhat

State PUBLISHED

Description

A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form_post.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134.

← Browse all CVEs View on cve.org ↗