CVE-2023-6544

Name of the Vulnerable Software and Affected Versions: Keycloak (affected versions not specified)

Description: A flaw was found in the Keycloak package due to a permissive regular expression hardcoded for filtering, which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this specific Dynamic Client Registration and TrustedDomain configuration previously unauthorized.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.