A flaw was found in Keycloak. An active Keycloak session can be hijacked by initiating a new authentication (with the query parameter `prompt=login`), which forces the user to enter their credentials again. If the user cancels this re-authentication by clicking `Restart login`, an account takeover becomes possible because the new session, although it has a different SUB, carries the same SID as the previous session.
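The advisory's core observation is that a session identifier (SID) can end up attached to a second subject (SUB). A relying party can detect that condition independently of the identity provider by remembering which subject each `sid` was first seen with and refusing any later token that presents the same `sid` with a different `sub`. The following is an added example written for this page; it is not Keycloak's code or its fix. The class `SidBindingStore`, the helper names, and the sample tokens are all constructed for the demonstration, and signature verification is deliberately left out (a real relying party verifies the JWT signature with the provider's key before looking at any claim).

```python
# Added example (not Keycloak's code): relying-party side check that one OIDC
# session id (sid) is never accepted for more than one subject (sub).
# All names below are hypothetical; the tokens are constructed for the demo.
import base64
import json


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment)


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def decode_jwt_payload(token: str) -> dict:
    """Return the claims of a compact JWS.

    Signature verification is assumed to have already happened; this helper
    only parses the payload segment so the binding check can inspect claims.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS (expected header.payload.signature)")
    return json.loads(_b64url_decode(parts[1]))


def make_unsigned_token(claims: dict) -> str:
    """Build a constructed, unsigned (alg=none) token to feed the demo.

    This exists only to produce sample input offline; never accept alg=none
    tokens in a real relying party.
    """
    header = _b64url_encode(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps(claims).encode())
    return f"{header}.{payload}."


class SidBindingStore:
    """Remembers which subject each session id was first issued to.

    check() returns one of:
      "missing-claims" - token lacks sid or sub, so no binding can be enforced
      "bound"          - first time this sid is seen; it is now tied to sub
      "ok"             - sid seen again with the same sub
      "conflict"       - sid seen again with a DIFFERENT sub; reject and alert
    """

    def __init__(self):
        self._sid_to_sub = {}

    def check(self, claims: dict) -> str:
        sid = claims.get("sid")
        sub = claims.get("sub")
        if not sid or not sub:
            return "missing-claims"
        bound = self._sid_to_sub.get(sid)
        if bound is None:
            self._sid_to_sub[sid] = sub
            return "bound"
        if bound == sub:
            return "ok"
        # Same session id, different subject: exactly the condition the
        # advisory describes. Treat as a hijack indicator and terminate the session.
        return "conflict"


def demo() -> list:
    """Run the check over constructed tokens: a legitimate session, then the
    same sid reused for a different subject."""
    store = SidBindingStore()
    first = make_unsigned_token({"sub": "user-a", "sid": "sess-1"})
    reused = make_unsigned_token({"sub": "user-b", "sid": "sess-1"})
    return [
        store.check(decode_jwt_payload(first)),   # "bound"
        store.check(decode_jwt_payload(first)),   # "ok"
        store.check(decode_jwt_payload(reused)),  # "conflict"
    ]


if __name__ == "__main__":
    print(demo())
```

In a deployment the binding store would be shared state (a database or cache keyed by `sid`) with an expiry matching the provider's session lifetime, and a `"conflict"` result should both reject the request and raise an alert, since a legitimate provider never reissues a live session id to another subject.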
This issue has been addressed in the following products:
Red Hat build of Keycloak 22.0.10 via RHSA-2024:1868 https://access.redhat.com/errata/RHSA-2024:1868
Red Hat build of Keycloak 22 via RHSA-2024:1867 https://access.redhat.com/errata/RHSA-2024:1867