Writeup: Keycloak open redirect (CVE-2023-6927)
This post covers the technical details of CVE-2023-6927, which allows an attacker to create malicious Keycloak
authorization request URLs that bypass the redirect URI validation. This can be exploited to steal a victim's
authorization code or access token, depending on the client configuration.
The vulnerability affects all OAuth 2.0 clients configured with a redirect URI ending with a * in Keycloak < 23.0.4.
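The affected configuration is a registered redirect URI that ends with a wildcard. The following Python is an added example, not code from the post or from the Keycloak project: it audits a realm export for clients whose redirect URIs end with `*`, and shows the exact-match check that a defender would want instead of prefix matching. The sample realm export is constructed for this example; the field names `clients`, `clientId` and `redirectUris` are assumed to match the Keycloak realm export format.

```python
import json
from urllib.parse import urlsplit

# Constructed sample realm export fragment (not a real Keycloak export).
SAMPLE_REALM_EXPORT = json.dumps({
    "clients": [
        {"clientId": "spa-frontend",
         "redirectUris": ["https://app.example.com/*"]},
        {"clientId": "backend-api",
         "redirectUris": ["https://api.example.com/callback"]},
        {"clientId": "legacy-portal",
         "redirectUris": ["https://portal.example.com/cb", "*"]},
    ]
})


def wildcard_redirect_uris(realm_export_json):
    """Return {clientId: [uris]} for every client with a redirect URI ending in '*'.

    These are the clients the advisory says are affected on Keycloak < 23.0.4,
    so they are the ones to tighten (or to confirm are patched).
    """
    realm = json.loads(realm_export_json)
    findings = {}
    for client in realm.get("clients", []):
        wild = [u for u in client.get("redirectUris", []) if u.endswith("*")]
        if wild:
            findings[client["clientId"]] = wild
    return findings


def is_allowed_redirect(redirect_uri, registered_uris):
    """Mitigation-style check: exact string match only, no prefix or wildcard logic.

    Also insists on https and rejects a fragment, since the authorization
    response is appended to this URI and must not land somewhere uncontrolled.
    """
    if redirect_uri not in registered_uris:
        return False
    parts = urlsplit(redirect_uri)
    return parts.scheme == "https" and parts.fragment == ""


if __name__ == "__main__":
    for client_id, uris in wildcard_redirect_uris(SAMPLE_REALM_EXPORT).items():
        print(f"{client_id}: wildcard redirect URIs {uris}")
```

Run the audit against a real export (`kc.sh export` or the admin console) and replace each wildcard entry with the full list of concrete callback URLs; with exact matching there is nothing for a crafted authorization request to widen.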
OAuth 2.0 basics
The current best practice for OAuth 2.0 in browser-based apps is to us...
Read more at securityblog.omegapoint.se