CVE-2020-1723 - log

CVE-2020-1723 edited at 19 Jan 2021 13:19:30
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Open redirect
Description
+ A security issue was found in keycloak. The logout endpoint /oauth/logout?redirect=url can be abused to redirect logged in users to arbitrary web pages. This vulnerability could be used in phishing attacks.
References
+ https://bugzilla.redhat.com/show_bug.cgi?id=1770276
+ https://issues.jboss.org/browse/KEYCLOAK-11318
CVE-2020-1723 created at 19 Jan 2021 13:18:06
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes