Generation of Error Message Containing Sensitive Information
A flaw was found in Keycloak. A logged in user can do an account email enumeration attack. NOTE: We couldn't find a fix for this.
CWE-209 - Generation of Error Message Containing Sensitive Information
The software generates an error message that includes sensitive information about its environment, users, or associated data.