漏洞描述
IBM Security Verify Access(ISAM)是美国国际商业机器(IBM)公司的一款提高用户访问安全的服务。该服务通过使用基于风险的访问、单点登录、集成访问管理控制、身份联合以及移动多因子认证实现对Web、移动、IoT 和云技术等平台安全简单的访问 IBM Security Verify Access存在跨站请求伪造漏洞,该漏洞源于包含一个跨站请求伪造漏洞,这可能允许攻击者执行从网站信任的用户传输的恶意和未经授权的操作。
IBM Security Verify Access 跨站请求伪造漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2024-29138: WordPress Restrict User Access <= 2.5 - Cross-Site Scripting
- POC grafana-unauth-access: Grafana Unauthenticated Access
- POC CVE-2021-20617: Acmailer - Improper Access Control to OS Command Injection
- POC CVE-2022-4940: WCFM Membership <= 2.10.0 - Broken Access Control
- POC CVE-2025-63387: Dify v1.9.1 - Broken Access Control
- POC jboss-jmx-console-unauth: JBoss JMX Console - Unauthenticated Access
- POC wp-all-in-one-wp-security-and-firewall-fpd: All In One WP Security & Firewall - Full Path Disclosure
- POC wp-better-wp-security-fpd: WordPress Plugin iThemes Security - Full Path Disclosure
- POC wp-better-wp-security-login-disclosure: WordPress Solid Security < 9.0.1 - Unauthenticated Login Page Disclosure
- Ksenia Security Lares 4.0 Home Automation 安全漏洞
- POC nexus-repository-anonymous-access: Nexus Repository Manager - Anonymous Access Enabled
- ZKTeco ZKBio CVSecurity /app/v1/photoBase64 目录遍历漏洞(CVE-2024-35431)
- POC CVE-2019-25213: WordPress Advanced Access Manager - Path Traversal