Cross-site Scripting (XSS)
Description
org.keycloak:keycloak-services is vulnerable to Cross-site Scripting (XSS) attacks. A remote attacker can insert an arbitrary URI into an error page via the `oob OAuth` endpoint because of incorrect null-byte handling.