CVE-2020-10776

A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_uri parameter. This flaw allows an attacker to perform a Cross-site scripting attack. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt