BugCrowd Bug Bounty Disclosure: P4 – open redirect vulnerability occurring at https://keycloak.shared-services.staging.appdat.jsc.nasa.gov/ – uko3211

October 16, 2025
open redirect vulnerability occurring at https://keycloak.shared-services.staging.appdat.jsc.nasa.gov/

open redirect vulnerability occurring at https://keycloak.shared-services.staging.appdat.jsc.nasa.gov/

Researcher: uko3211
Engagement: National Aeronautics and Space Administration (NASA) – Vulnerability Disclosure Program
Disclosed at: 2025-09-10T13:29:35Z
Priority: P4
Status: Resolved

Summary

open redirect vulnerability occurring at https://keycloak.shared-services.staging.appdat.jsc.nasa.gov/

Activity Feed

Actor Details Timestamp (UTC)
Martin_NASA Martin_NASA published 2025-09-10T13:29:35Z
Martin_NASA Martin_NASA sent a: message 2025-09-10T13:29:25Z
oxqnd oxqnd sent a: message 2025-09-09T23:17:44Z
Mariusz Mariusz sent a: message 2025-09-09T18:25:24Z
uko3211 uko3211 sent a: message 2025-09-07T06:48:31Z
uko3211 uko3211 requested 2025-09-07T06:47:29Z
uko3211 uko3211 sent a: message 2025-09-02T08:00:43Z
binbashsu-bugcrowd binbashsu-bugcrowd changed the state to to resolved 2025-09-01T14:33:32Z
Mariusz Mariusz sent a: message 2025-08-12T17:28:36Z
uko3211 uko3211 sent a: message 2025-08-06T06:53:17Z
Martin_NASA Martin_NASA changed the state to to unresolved 2025-08-01T15:22:03Z
Mason357_Bugcrowd Mason357_Bugcrowd sent a: message 2025-07-28T15:42:54Z
Mason357_Bugcrowd Mason357_Bugcrowd changed the state to to triaged 2025-07-28T15:42:49Z
Mason357_Bugcrowd Mason357_Bugcrowd changed the severity to 2025-07-28T15:42:46Z
Mason357_Bugcrowd Mason357_Bugcrowd changed the severity to 2025-07-28T15:42:41Z
oxqnd oxqnd has accepted the invitation to collaborate 2025-07-26T08:01:24Z
uko3211 uko3211 created the submission 2025-07-26T07:42:39Z

Support Our Work

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on Patreon or Buy Me A Coffee using the buttons below.

AI APIs OSINT driven New features
Buy Me A Coffee Patreon
Tags: , ,

You may have missed

Bugcrowd Logo

BugCrowd Bug Bounty Disclosure: P4 – Sensitive NASA Jira & Employee Data Exposure via Public JSFiddle –

October 16, 2025
Bugcrowd Logo

BugCrowd Bug Bounty Disclosure: P4 – Publicly editable Google Slides linked from nasa.gov enables unauthorized content modification (content integrity & brand abuse risk – Epenetus-Matias-Putra

October 16, 2025
Bugcrowd Logo

BugCrowd Bug Bounty Disclosure: P4 – open redirect vulnerability occurring at https://keycloak.shared-services.staging.appdat.jsc.nasa.gov/ – uko3211

October 16, 2025
Bugcrowd Logo

BugCrowd Bug Bounty Disclosure: P5 – internal IP Disclosure via Public DNS Record (blue.guest.hq.nasa.gov) – Theekshana_kusal

October 16, 2025
Bugcrowd Logo

BugCrowd Bug Bounty Disclosure: P5 – Directory Listing Vulnerability – Vinit06

October 16, 2025