A vulnerability was found in JBoss KeyCloak. It has been declared as problematic. This vulnerability affects unknown code of the component Incomplete Fix CVE-2020-10748. The manipulation of the argument redirect_uri leads to cross site scripting.
This vulnerability was named CVE-2023-6134. The attack can be initiated remotely. There is no exploit available.