96 matches found
CVE-2025-9973
Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...
Secure Identity at the Edge: Akamai Partners with Auth0
The Akamai and Auth0 partnership secures identity at the edge by combining edge intelligence and adaptive authentication to stop fraud and enhance user trust...
EUVD-2025-209762
Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...
CVE-2025-9973
Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...
CVE-2025-9973
Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...
CVE-2025-9973 Authorization Bypass via Adaptive Authentication in WSO2 Identity Server Allows Cross-Organization Account Takeover
Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...
CVE-2025-9973 Authorization Bypass via Adaptive Authentication in WSO2 Identity Server Allows Cross-Organization Account Takeover
Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...
CVE-2025-9973
CVE-2025-9973 affects WS O2 Identity Server: failure to validate the organization context during adaptive authentication allows triggering authentication logic in other organizations/sub-organizations. This enables cross-organization authorization bypass, potentially leading to privilege escalati...
PT-2026-39593
Name of the Vulnerable Software and Affected Versions WSO2 Identity Server affected versions not specified Description In multi-organization deployments, the software fails to validate the organization context during the execution of adaptive authentication flows. This allows a malicious actor wi...
WSO2 Identity Server 访问控制错误漏洞
WSO2 Identity Server is an identity authentication server developed by the American company WSO2. WSO2 Identity Server has a control access vulnerability that arises from the lack of verification of organizational context during the execution of adaptive authentication processes. This vulnerabili...
EUVD-2008-7219
Malware in sbrugna...
EUVD-2011-1427
Malware in sbrugna...
EUVD-2012-4536
Malware in sbrugna...
EUVD-2014-4557
Malware in sbrugna...
EUVD-2014-0668
Malware in sbrugna...
EUVD-2014-0669
Malware in sbrugna...
EUVD-2014-2538
Malware in sbrugna...
EUVD-2017-14091
Malware in sbrugna...
EUVD-2025-30916
Malicious code in bioql PyPI...
CVE-2025-0663
A cross-tenant authentication vulnerability exists in multiple WSO2 products due to improper cryptographic design in Adaptive Authentication. A single cryptographic key is used across all tenants to sign authentication cookies, allowing a privileged user in one tenant to forge authentication...