IBM Security Verify Access (ISAM) is a service from IBM USA that improves user access security. The service enables secure and simple access to platforms such as Web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated access management controls, identity federation and mobile multi-factor authentication IBM Security Verify Access has a cross-site scripting vulnerability that exists from inadequate cleaning of user-provided data. A remote user can trick victims into following specially crafted links and executing arbitrary HTML and scripting code on vulnerable websites in the user’s browser. A remote attacker could use this vulnerability to execute cross-site scripting (XSS) attacks.