Vigilance Vulnerability Alerts - Keycloak: information disclosure via OAuth 2.0 Pushed Authorization Requests, analyzed on 03/06/2024
August 2024 by Vigilance.fr
An attacker can bypass access restrictions to data of Keycloak, via OAuth 2.0 Pushed Authorization Requests, in order to read sensitive information.
Plus d'information sur : https://vigilance.fr/vulnerability/Keycloak-information-disclosure-via-OAuth-2-0-Pushed-Authorization-Requests-44436