Overly Restrictive Account Lockout Mechanism
org.keycloak, keycloak-core is vulnerable to Overly Restrictive Account Lockout Mechanism. The vulnerability is due to improper handling of login attempts, which may allow a remote unauthenticated attacker to block other accounts from logging in by exploiting this flaw under certain conditions...