From 7f3096213b1d08abf20cdf8f96dcbdd4680af194 Mon Sep 17 00:00:00 2001
From: Chetven
Date: Sat, 21 Dec 2024 09:05:47 +0100
Subject: [PATCH] Adding CVE as alias
---
 .../2024/01/GHSA-9vm7-v8wj-3fqw/GHSA-9vm7-v8wj-3fqw.json | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/advisories/github-reviewed/2024/01/GHSA-9vm7-v8wj-3fqw/GHSA-9vm7-v8wj-3fqw.json b/advisories/github-reviewed/2024/01/GHSA-9vm7-v8wj-3fqw/GHSA-9vm7-v8wj-3fqw.json
index 8cd045be14867..5a450f05aac98 100644
--- a/advisories/github-reviewed/2024/01/GHSA-9vm7-v8wj-3fqw/GHSA-9vm7-v8wj-3fqw.json
+++ b/advisories/github-reviewed/2024/01/GHSA-9vm7-v8wj-3fqw/GHSA-9vm7-v8wj-3fqw.json
@@ -3,7 +3,9 @@
 "id": "GHSA-9vm7-v8wj-3fqw",
 "modified": "2024-01-23T14:43:50Z",
 "published": "2024-01-23T14:43:50Z",
- "aliases": [],
+ "aliases": [
+ "CVE-2023-6927"
+ ],
 "summary": "keycloak-core: open redirect via \"form_post.jwt\" JARM response mode",
 "details": "An incomplete fix was found in Keycloak Core patch. An attacker can steal authorization codes or tokens from clients using a wildcard in the JARM response mode \"form_post.jwt\". It is observed that changing the response_mode parameter in the original proof of concept from \"form_post\" to \"form_post.jwt\" can bypass the security patch implemented to address CVE-2023-6134.",
 "severity": [],
@@ -47,4 +49,4 @@
 "github_reviewed_at": "2024-01-23T14:43:50Z",
 "nvd_published_at": null
 }
-}
\ No newline at end of file
+}
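Review bot: `modified` stays at `2024-01-23T14:43:50Z` in the first hunk even though the record's `aliases` content changes, so consumers that sync advisories incrementally by that timestamp may never pick up the CVE-2023-6927 mapping. Unless the repository's merge tooling refreshes the field (not visible here), it should be bumped in the same change, e.g. `"modified": "<merge time, RFC 3339 UTC>"` (placeholder value). The alias itself cannot be confirmed from the visible lines, since `details` names only CVE-2023-6134 as the earlier fix being bypassed; check the CVE record for CVE-2023-6927 against this advisory before merging, because scanners match and de-duplicate findings on aliases.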