Impact
A flaw in the OAuth callback endpoint of Red Hat Advanced Cluster Security (ACS) lets an unauthenticated attacker craft URLs whose error and error_uri parameters are not validated. A malicious link can cause the application to display arbitrary error messages (content spoofing) and can redirect users to attacker-controlled domains, an open redirect served from under the trusted interface. This weakness is a classic example of CWE-601 (URL Redirection to Untrusted Site, "Open Redirect"). The consequences are primarily phishing or social-engineering attacks rather than direct code execution, but the ability to abuse the application's trusted UI can undermine user confidence and facilitate credential theft or other downstream attacks.
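As an added illustration of the two checks such a callback handler needs (this is example code, not Red Hat's ACS code or its fix), the functions below map the error parameter onto a fixed message instead of reflecting it, and accept error_uri only when it is an absolute https URL on an allowlisted host. The hostnames are constructed placeholders.

```go
package main

import "net/url"

// Constructed allowlist of hosts the callback may link users to (an
// assumption for this example; a real deployment would derive it from its
// configured UI origin and identity provider).
var trustedHosts = map[string]bool{
	"acs.example.internal": true,
	"idp.example.internal": true,
}

// RFC 6749 section 4.1.2.1 error codes: the only values an authorization
// server should legitimately place in the "error" parameter.
var knownOAuthErrors = map[string]bool{
	"invalid_request":           true,
	"unauthorized_client":       true,
	"access_denied":             true,
	"unsupported_response_type": true,
	"invalid_scope":             true,
	"server_error":              true,
	"temporarily_unavailable":   true,
}

// SanitizeError maps the externally supplied "error" value onto a fixed
// message, so arbitrary text never reaches the UI (prevents content spoofing).
func SanitizeError(raw string) string {
	if knownOAuthErrors[raw] {
		return "Authentication failed: " + raw
	}
	return "Authentication failed: unknown error"
}

// SafeErrorURI accepts an "error_uri" only if it is an absolute https URL
// with no userinfo and a host on the allowlist; anything else (relative,
// scheme-relative "//host", other schemes, external hosts) is rejected and
// the caller renders no link at all (prevents the open redirect).
func SafeErrorURI(raw string) (string, bool) {
	u, err := url.Parse(raw)
	if err != nil || u.Scheme != "https" || u.User != nil {
		return "", false
	}
	if !trustedHosts[u.Hostname()] {
		return "", false
	}
	return u.String(), true
}
```

Rejecting rather than "fixing" a bad error_uri matters: rewriting the host would still let an attacker choose the path and query shown to the user.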
Affected Systems
The vulnerability affects Red Hat Advanced Cluster Security, a security platform for Kubernetes environments. No specific version ranges are listed, so all installations of ACS should be treated as affected until a patch is applied. Users should review Red Hat's release notes for a fix or consult the vendor's advisory pages.
Risk and Exploitability
The CVSS score is 5.4, which reflects moderate severity. EPSS data is not available, and the issue is not currently listed in the CISA KEV catalog. The attack requires no authentication and can be launched remotely by anyone able to present a crafted URL for the login interface to a user, so the attack vector is network-based. Because no exploit data is available, the likelihood is uncertain, but the moderate score and unrestricted remote reach indicate a tangible risk if the system is exposed to untrusted users.
OpenCVE Enrichment