The vulnerability description explicitly identifies the lack of URL normalization in RedirectUtils as the root cause. The verifyRedirectUri() function is central to the OIDC redirect URI validation logic. Without normalization, an attacker could exploit discrepancies between the raw user-supplied URL and the registered allowed URIs (for example, via path traversal with '../' or via encoding differences). This matches the CWE-601 pattern, in which unvalidated redirects enable open redirection. The direct reference to RedirectUtils in the vulnerability title and description gives high confidence in this assessment.
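As an added illustration (not Keycloak's own code), the snippet below contrasts a prefix check on the raw redirect URI with the same check on a normalized form, covering the '../' and percent-encoding discrepancies described above. The prefix-style allowlist entry and the sample URIs are constructed for the example.

```python
import posixpath
from urllib.parse import urlsplit, urlunsplit, unquote

# Constructed allowlist entry (hypothetical, not a real Keycloak registration):
# a prefix-style registered redirect URI, so anything under /callback/ is accepted.
ALLOWED_PREFIX = "https://app.example.com/callback/"


def naive_is_allowed(redirect_uri: str) -> bool:
    """Compare the raw, user-supplied URI against the registered prefix (no normalization)."""
    return redirect_uri.startswith(ALLOWED_PREFIX)


def normalize(redirect_uri: str) -> str:
    """Canonicalize a URI before comparison: lower-case scheme and host,
    percent-decode the path once, collapse '.' and '..' segments, drop the fragment."""
    parts = urlsplit(redirect_uri)
    scheme = parts.scheme.lower()
    netloc = parts.netloc.lower()
    # Decode once so '%2e%2e' becomes '..' and is collapsed like a literal '..'.
    path = unquote(parts.path) or "/"
    # normpath collapses '.', '..' and repeated '/' and never climbs above the root
    # of an absolute path; it also strips a trailing slash, which is restored here.
    collapsed = posixpath.normpath(path)
    if path.endswith("/") and not collapsed.endswith("/"):
        collapsed += "/"
    return urlunsplit((scheme, netloc, collapsed, parts.query, ""))


def normalized_is_allowed(redirect_uri: str) -> bool:
    """The same prefix check, applied to the canonical form of the URI."""
    return normalize(redirect_uri).startswith(ALLOWED_PREFIX)


# Constructed inputs: one legitimate URI and two that leave the registered prefix
# once '..' (literal or percent-encoded) is resolved.
SAMPLES = [
    "https://app.example.com/callback/ok",
    "https://app.example.com/callback/../admin/open",
    "https://app.example.com/callback/%2e%2e/admin/open",
]

if __name__ == "__main__":
    for uri in SAMPLES:
        print(f"{uri:<52} naive={naive_is_allowed(uri)} normalized={normalized_is_allowed(uri)}")
```

The raw check accepts all three samples; only the first survives after normalization.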
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.keycloak:keycloak-core | maven | <= 3.2.1.Final | |