CVE-2024-7260
Published: Sep 9, 2024
Modified: Jan 23, 2026
CVSS v3.1
6.1
Description
An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_uri parameters are made to trick a user to visit a malicious webpage. A trusted URL can trick users and automation into believing that the URL is safe, when, in fact, it redirects to a malicious server. This issue can result in a victim inadvertently trusting the destination of the redirect, potentially leading to a successful phishing attack or other types of attacks. Once a crafted URL is made, it can be sent to a Keycloak admin via email for example. This will trigger this vulnerability when the user visits the page and clicks the link. A malicious actor can use this to target users they know are Keycloak admins for further attacks. It may also be possible to bypass other domain-related security checks, such as supplying this as a OAuth redirect uri. The malicious actor can further obfuscate the redirect_uri using URL encoding, to hide the text of the actual malicious website domain.
| Vendor | Product | Versions |
|---|---|---|
Unknown | keycloak | affected 0 - < 24.0.7 |
Red Hat | Red Hat Build of Keycloak | All versions |
Red Hat | Red Hat build of Keycloak 24 | unaffected 24.0.7-4 - < * |
Red Hat | Red Hat build of Keycloak 24 | unaffected 24-16 - < * |
Red Hat | Red Hat build of Keycloak 24 | unaffected 24-16 - < * |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now