PT-2022-14228 · Red Hat · Keycloak

Published 2022-10-19 · Updated 2024-05-29 · CVE-2022-1970

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

Keycloak version 18.0.0

Description

The issue concerns an open redirect in the authentication endpoint via the redirect_uri parameter. However, it has been determined that this is a known misconfiguration, and recommendations to mitigate the issue already exist in the Keycloak documentation.

Recommendations

For Keycloak version 18.0.0, follow the recommendations in the Keycloak documentation to mitigate the open redirect issue, specifically by configuring the authentication endpoint to prevent open redirects.

Related Identifiers

CVE-2022-1970

Affected Products

Keycloak