Description

A flaw was found in Red Hat Advanced Cluster Security (ACS). An unauthenticated remote attacker can exploit a vulnerability in the login interface's OAuth callback endpoint by crafting a malicious URL. This URL, containing unvalidated `error` and `error_uri` parameters, allows the attacker to display arbitrary error messages, leading to content spoofing. Furthermore, the attacker can redirect victims to malicious domains, effectively performing an open redirect under the guise of the trusted application's user interface.

AFFECTED PRODUCTS

The following products are affected by the CVE-2026-4981 vulnerability.

Vendor: Red Hat
Product: Advanced Cluster Security