CVE-2024-40700

IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Published: Feb 4, 2025
Updated: May 4, 2025
CVE: CVE-2024-40700
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ibm / security_verify_access	10.0.0	10.0.8.x
ibm / verify_identity_access	10.0.0	10.0.8.x

https://www.ibm.com/support/pages/node/7182386

Vulnerability Database

CVE-2024-40700