From 5ddb79cbe6ae4bd591df81428139aa468d23ad24 Mon Sep 17 00:00:00 2001
From: Bastian <bastian.ike@aoe.com>
Date: Wed, 18 Jan 2023 13:06:36 +0100
Subject: [PATCH] fix(account): do not leak into messages (#16212)

Closes #16211
---
 .../keycloak/services/resources/account/AccountConsole.java    | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java b/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java
index 11ec432070..53f419b814 100644
--- a/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java
+++ b/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java
@@ -111,7 +111,8 @@ public class AccountConsole {
             if (auth != null) user = auth.getUser();
             Locale locale = session.getContext().resolveLocale(user);
             map.put("locale", locale.toLanguageTag());
-            Properties messages = theme.getMessages(locale);
+            Properties messages = new Properties();
+            messages.putAll(theme.getMessages(locale));
             if(StringUtil.isNotBlank(realm.getDefaultLocale())) {
                 messages.putAll(realm.getRealmLocalizationTextsByLocale(realm.getDefaultLocale()));
             }