IBM DataPower Gateway is a set of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interface (API), web, service-oriented architecture (SOA), B2B, and cloud workloads. The platform protects, integrates, and optimizes access across channels using a dedicated gateway platform.A cross-site request forgery vulnerability exists in IBM DataPower Gateway V10CD version, version 10.0.1, and version 2018.4.1, which stems from a WEB application that does not adequately validate that the request is from a trusted user. An attacker could use the vulnerability to spoof malicious requests to trick victims into clicking to perform sensitive operations.