79618237

Date: 2025-05-12 16:04:25
Score: 1.5

There's no easy answer to this issue. The only way to solve it is by implementing the custom domain into the applications and Azure AD B2C. This issue is also known by OpenID Connect: https://openid.net/specs/openid-connect-frontchannel-1_0.html#ThirdPartyContent; basically, many browsers block the cookie value from other websites.

You can check the Microsoft documentation too: https://learn.microsoft.com/en-us/entra/identity-platform/reference-third-party-cookies-spas

To solve it, you need to use a custom domain. In my case, it's something I will need, so it becomes a bit convenient. My Azure AD B2C is using a new subdomain called login.mydomain.com, and my apps are at app1.mydomain.com and app2.mydomain.com. So when the iframe calls app1.mydomain.com/logout, the session is revoked as well, and every logged-in user/cache is cleared.

Reasons:
  • Long answer (-0.5):
  • No code block (0.5):
  • Self-answer (0.5):
  • Low reputation (1):
Posted by: Juliano Roberto
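
Why the custom domain in the answer above helps, as an added example (not part of the original answer, and not Azure AD B2C or MSAL code): a front-channel logout iframe only gets its cookies reliably when it is same-site with the identity provider page that embeds it. The tenant name `contoso`, the `/logout` path for app2 and the tiny suffix table are assumptions made for the illustration; a real check would use the full Public Suffix List.

```javascript
// Added example: classify front-channel logout iframes as same-site or cross-site.
// SUFFIXES is a small constructed stand-in for the Public Suffix List (assumption).
const SUFFIXES = new Set(["com", "net", "org", "co.uk"]);

// Return the "site" of a URL: scheme plus registrable domain (eTLD+1).
function siteOf(url) {
  const u = new URL(url);
  const labels = u.hostname.toLowerCase().split(".");
  // Walk from the longest candidate suffix to the shortest; first hit wins.
  for (let i = 0; i < labels.length; i++) {
    if (SUFFIXES.has(labels.slice(i).join("."))) {
      if (i === 0) return null; // the host is itself a public suffix
      return `${u.protocol}//${labels.slice(i - 1).join(".")}`;
    }
  }
  return null; // unknown suffix: cannot be compared safely
}

// The identity provider page embeds the hidden logout iframes, so it is the
// top-level site. A frame on a different site needs third-party cookies.
function auditFrontChannelLogout(idpUrl, logoutUrls) {
  const top = siteOf(idpUrl);
  return logoutUrls.map((frameUrl) => {
    const sameSite = top !== null && top === siteOf(frameUrl);
    return {
      frameUrl,
      sameSite,
      cookieContext: sameSite ? "first-party" : "third-party (may be blocked)",
    };
  });
}

// Constructed sample input: the two apps named in the answer.
const APPS = [
  "https://app1.mydomain.com/logout",
  "https://app2.mydomain.com/logout",
];

// Default B2C host (constructed tenant name) versus the custom domain.
const beforeCustomDomain = auditFrontChannelLogout("https://contoso.b2clogin.com/", APPS);
const afterCustomDomain = auditFrontChannelLogout("https://login.mydomain.com/", APPS);

console.log(beforeCustomDomain);
console.log(afterCustomDomain);
```
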