our customers are experiencing problems in situations where resetting password is started in one web browser and accomplished in another one.
This scenario occurs if a user surfs with one kind of web browser, but an email application opens password reset link in another one.

I suppose that the root cause is the same like the documented in KEYCLOAK-1014 one.

We run Keycloak 1.9.4 standalone servers in our production at the moment, but already started to roll out RH SSO 7.0 in other stages. So a bug fix should be scheduled for this version as well.