[keycloak-dev] Open Redirect Vulnerability

Pedro Igor Silva psilva at redhat.com
Wed Apr 15 16:57:55 EDT 2015 

Hi,

    Is KC considering this vulnerability [1] when performing redirects ? Specially for OAuth Clients doing authorization code grant.

Regards.

[1] http://intothesymmetry.blogspot.ch/2015/04/open-redirect-in-rfc6749-aka-oauth-20.html

More information about the keycloak-dev mailing list