CVE-2023-6927

Name of the Vulnerable Software and Affected Versions Keycloak (affected versions not specified)

Description A flaw was found in Keycloak, which may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form post.jwt". This could be used to bypass the security patch implemented to address a previous issue. The attacker can exploit this by changing the response mode parameter in the original proof of concept from "form post" to "form post.jwt".

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.