PT-2022-24098 · Red Hat · Keycloak

Published 2022-12-13 · Updated 2023-01-25 · CVE-2022-3782

CVSS v3.1: 9.1 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Keycloak (affected versions not specified)

Description: A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This issue affects any client that utilizes a wildcard in the Valid Redirect URIs field.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
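The description says a wildcard entry in Valid Redirect URIs can be bypassed because the redirect URL is not properly validated, and the record classifies the weakness as path traversal. The following Python is an added illustration of that failure mode and its mitigation; it is not Keycloak's code and not part of this advisory. It places a naive prefix match on the raw redirect string beside a check that canonicalizes the URL first (percent-decoding, resolving `.` and `..` segments, comparing scheme, host and port exactly) and only then applies the trailing-wildcard rule. The host name, the pattern and the sample redirect values are constructed for the example.

```python
"""Redirect URI wildcard validation: raw prefix match vs. canonicalized match.

Added illustration; not Keycloak code. Host names, patterns and sample
redirect values below are constructed for the example.
"""
import posixpath
from typing import Optional, Tuple
from urllib.parse import unquote, urlsplit

Canonical = Tuple[str, str, int, str]  # (scheme, host, port, normalized path)


def naive_match(redirect_uri: str, pattern: str) -> bool:
    """Weak check: a trailing '*' means 'anything may follow', compared on the raw string.

    It never asks what the path resolves to, so '/callback/../../x' still
    'starts with' '/callback'.
    """
    if pattern.endswith("*"):
        return redirect_uri.startswith(pattern[:-1])
    return redirect_uri == pattern


def _canonical(uri: str) -> Optional[Canonical]:
    """Split a URI and canonicalize it; return None for anything not worth matching."""
    try:
        parts = urlsplit(uri)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    if scheme not in ("http", "https") or not parts.hostname:
        return None
    if parts.username is not None or parts.password is not None:
        return None  # userinfo ('host@other') shifts the effective host; refuse it
    if port is None:
        port = 443 if scheme == "https" else 80
    raw_path = unquote(parts.path) or "/"
    # normpath resolves '.' and '..' and collapses duplicate slashes; it cannot
    # climb above the root, so '/callback/../../other' becomes '/other'.
    # Re-prefixing a single '/' also drops a POSIX-preserved leading '//'.
    norm = "/" + posixpath.normpath(raw_path).lstrip("/")
    if raw_path.endswith("/") and not norm.endswith("/"):
        norm += "/"
    return scheme, parts.hostname.lower(), port, norm


def hardened_match(redirect_uri: str, pattern: str) -> bool:
    """Canonicalize both sides, require exact scheme/host/port, then apply the wildcard.

    A trailing '*' only widens the path suffix, mirroring the 'prefix, then
    anything' semantics of a Valid Redirect URIs entry.
    """
    wildcard = pattern.endswith("*")
    target = _canonical(redirect_uri)
    allowed = _canonical(pattern[:-1] if wildcard else pattern)
    if target is None or allowed is None:
        return False
    if target[:3] != allowed[:3]:
        return False
    if wildcard:
        return target[3].startswith(allowed[3])
    return target[3] == allowed[3]


if __name__ == "__main__":
    PATTERN = "https://app.example.com/callback*"  # constructed sample entry
    SAMPLES = [                                     # constructed sample redirects
        "https://app.example.com/callback?code=abc",
        "https://app.example.com/callback/../../other",
        "https://app.example.com/callback/%2e%2e/%2e%2e/other",
        "https://app.example.com/callback/../callback/done",
        "http://app.example.com/callback",
    ]
    for uri in SAMPLES:
        print(f"{uri:58} naive={naive_match(uri, PATTERN)!s:5} "
              f"hardened={hardened_match(uri, PATTERN)}")
```

The point of the two functions side by side is that the raw-string check accepts every redirect whose text begins with the allowed prefix, while the canonical check reasons about where the path actually lands after decoding and segment resolution; a legitimate redirect that stays under the prefix (`/callback/../callback/done`) still passes, so the stricter rule costs nothing for well-formed clients.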

Weakness Enumeration

Path traversal

Related Identifiers

CVE-2022-3782
GHSA-G8Q8-FGGX-9R3Q
RHSA-2022:8961
RHSA-2022:8962
RHSA-2022:8963

Affected Products

Keycloak