Hello. We use Keycloak for authentication for custom apps at my workspace. Recently, I ran an OWASP ZAP security scan on our Keycloak instance. It has flagged a Remote OS Command Injection vulnerability when reaching the URL https://[keycloak-instance]/auth/realms/[realm]/login-actions/authenticate?client_id=[client]&execution=be229a1e-2516-4a83-9eac-7d6e497eade5%22%7Ctimeout+%2FT+15&session_code=aHSonXbIPisAR12Uz-uqTj9rNVQinSi-tI-6VTdC0H8&tab_id=Tdl0L-Y-VTQ. Is this a known vulnerability?
Can you share the ZAPs output please?