QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-27705

Back to search

CVE-2025-27705

Published: Mar 19, 2025

Modified: Mar 19, 2025

PUBLISHED

Description

There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.53. Attackers with system administrator permissions can interfere with another system administrator’s use of the management console when the second administrator logs in. Attack complexity is high, attack requirements are present, privileges required are none, user interaction is required. The impact to confidentiality is low, the impact to availability is none, and the impact to system integrity is none.

VendorProductVersions

Absolute Security

Secure Access

affected
0 - <= 13.52

Weaknesses (CWE)

CWE-79

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now