Bug
Resolution: Done
Description
A business logic error in Keycloak's Organization feature allows users to authenticate into organizations that have been administratively disabled. When a user initiates an organization-aware login flow, disabled organizations remain selectable in the UI and are successfully resolved by the backend, allowing the issuance of tokens within the disabled organization's context.
—
This issue was originally tracked in the private repository. Migrated by @abstractj.
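A defender-side check for the condition described above, as an added example that is not Keycloak code or part of the original report: it cross-checks decoded token claims against an organization inventory and flags tokens that carry a disabled organization's context. The `organization` claim name, its list and mapping shapes, the `alias`/`enabled` inventory fields and all sample data are assumptions constructed for illustration.

```python
# Added example; claim and field names are assumptions, all data is constructed.

def org_aliases_in_claims(claims, claim_name="organization"):
    """Return the organization aliases a token carries.

    Handles the shapes assumed here: a single alias, a list of aliases,
    or a mapping keyed by alias (extra organization details as values).
    """
    value = claims.get(claim_name)
    if value is None:
        return set()
    if isinstance(value, str):
        return {value}
    if isinstance(value, dict):
        return set(value.keys())
    return {str(v) for v in value}


def tokens_for_disabled_orgs(orgs, tokens):
    """Flag tokens whose organization context is disabled or unknown."""
    enabled = {o["alias"]: bool(o.get("enabled", False)) for o in orgs}
    findings = []
    for claims in tokens:
        for alias in sorted(org_aliases_in_claims(claims)):
            if alias not in enabled:
                reason = "unknown organization"
            elif not enabled[alias]:
                reason = "organization disabled"
            else:
                continue
            findings.append((claims.get("jti"), claims.get("sub"), alias, reason))
    return findings


# Constructed inventory and constructed decoded claims (not real data).
ORGS = [
    {"alias": "acme", "enabled": True},
    {"alias": "globex", "enabled": False},
]
TOKENS = [
    {"jti": "t1", "sub": "alice", "organization": ["acme"]},
    {"jti": "t2", "sub": "bob", "organization": {"globex": {"id": "o-2"}}},
    {"jti": "t3", "sub": "carol", "organization": ["acme", "globex"]},
    {"jti": "t4", "sub": "dave"},
]

if __name__ == "__main__":
    for finding in tokens_for_disabled_orgs(ORGS, TOKENS):
        print(finding)
```

A token issued before its organization was disabled is flagged as well, so compare the token's `iat` with the time the organization was disabled before treating a finding as an instance of this bug.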