Impersonation of Microsoft accounts through split screen (ForceOP)
Very recently, a very serious vulnerability was discovered which allows you to impersonate any user through split screen, so long as you can obtain their UUID. This effectively means that you can give yourself operator on a Realm or any other server/world as long as you can obtain the UUID of a user who has that permission level.
Although I'm unsure if this is the best idea to share here, one of my friends found an open source project on GitHub which automates the process of giving yourself operator on any Realm you're in by impersonating an MCBE client through the pocket.realms.minecraft.net endpoint, using the authorization from your Microsoft account. The project below seemingly has no reason it wouldn't work, and I'm quite disappointed that this is even possible; however, it's very important now that this is fixed as soon as possible.
https://github.com/MrDiamond64/EliteElixir
A few potential ways to resolve this could be that the permission level of the second account is limited to the permission level of the first account, that the second account forcibly inherits the default permission level, or even that operator is entirely disabled for the second account. Regardless of the solution, it is very important that something is done as soon as possible.
Please for the sake of the entire Realms community, place this exploit onto some level of priority.
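To make the three proposed fixes concrete, here is an added example (my own illustration, not code from the report or from any Mojang/Minecraft component) that models how a server could resolve a split-screen sub-client's permission level. It assumes a simplified model in which only the primary account's identity is proven by the Microsoft login, the sub-client merely declares a UUID, and operator status is a plain UUID allow-list; the UUIDs are constructed placeholders.

```python
from dataclasses import dataclass
from enum import IntEnum


class Permission(IntEnum):
    VISITOR = 0
    MEMBER = 1
    OPERATOR = 2


# Constructed sample data: placeholder UUIDs, not real accounts.
OPERATORS = {"11111111-1111-1111-1111-111111111111"}
DEFAULT_PERMISSION = Permission.MEMBER


@dataclass
class Client:
    uuid: str
    authenticated: bool  # True only when the identity was proven at login


def permission_for_uuid(uuid: str) -> Permission:
    return Permission.OPERATOR if uuid in OPERATORS else DEFAULT_PERMISSION


def vulnerable_resolve(primary: Client, sub: Client) -> Permission:
    # Behaviour described in the report: the sub-client's self-declared UUID
    # is looked up directly, so whoever is in that seat inherits its level.
    return permission_for_uuid(sub.uuid)


def hardened_resolve(primary: Client, sub: Client, policy: str = "cap") -> Permission:
    """Resolve a sub-client's level under one of the three fixes proposed above.

    "cap":     never above the authenticated primary account's own level
    "default": always the server default, whatever UUID was declared
    "no_op":   any level except operator
    A declared UUID is only trusted when the sub-client itself authenticated.
    """
    if sub.authenticated:
        return permission_for_uuid(sub.uuid)
    claimed = permission_for_uuid(sub.uuid)
    if policy == "cap":
        return min(claimed, permission_for_uuid(primary.uuid))
    if policy == "default":
        return DEFAULT_PERMISSION
    if policy == "no_op":
        return min(claimed, Permission.MEMBER)
    raise ValueError(f"unknown policy: {policy}")
```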
2023-05-13, 08:27 PM
2023-05-14, 05:47 AM
2023-05-14, 05:42 AM