96 matches found
CVE-2025-9973
Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...
Secure Identity at the Edge: Akamai Partners with Auth0
The Akamai and Auth0 partnership secures identity at the edge by combining edge intelligence and adaptive authentication to stop fraud and enhance user trust...
EUVD-2025-209762
Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...
CVE-2025-9973
Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...
CVE-2025-9973 Authorization Bypass via Adaptive Authentication in WSO2 Identity Server Allows Cross-Organization Account Takeover
Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...
CVE-2025-9973 Authorization Bypass via Adaptive Authentication in WSO2 Identity Server Allows Cross-Organization Account Takeover
Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...
CVE-2025-9973
CVE-2025-9973 affects WS O2 Identity Server: failure to validate the organization context during adaptive authentication allows triggering authentication logic in other organizations/sub-organizations. This enables cross-organization authorization bypass, potentially leading to privilege escalati...
CVE-2025-9973
Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...
WSO2 Identity Server 访问控制错误漏洞
WSO2 Identity Server is an identity authentication server developed by the American company WSO2. WSO2 Identity Server has a control access vulnerability that arises from the lack of verification of organizational context during the execution of adaptive authentication processes. This vulnerabili...
PT-2026-39593
Name of the Vulnerable Software and Affected Versions WSO2 Identity Server affected versions not specified Description In multi-organization deployments, the software fails to validate the organization context during the execution of adaptive authentication flows. This allows a malicious actor wi...
EUVD-2008-7219
Malware in sbrugna...
EUVD-2014-2538
Malware in sbrugna...
EUVD-2017-14091
Malware in sbrugna...
EUVD-2014-4557
Malware in sbrugna...
EUVD-2012-4536
Malware in sbrugna...
EUVD-2011-1427
Malware in sbrugna...
EUVD-2014-0669
Malware in sbrugna...
EUVD-2014-0668
Malware in sbrugna...
EUVD-2025-30916
Malicious code in bioql PyPI...
CVE-2025-0663
A cross-tenant authentication vulnerability exists in multiple WSO2 products due to improper cryptographic design in Adaptive Authentication. A single cryptographic key is used across all tenants to sign authentication cookies, allowing a privileged user in one tenant to forge authentication...