CVE-2025-27706 – Absolute Secure Access Cross-Site Scripting

CVE ID : CVE-2025-27706

Published : May 28, 2025, 9:15 p.m. | 29 minutes ago

Description : CVE-2025-27706 is a cross-site scripting vulnerability in the management
console of Absolute Secure Access prior to version 13.54. Attackers
with system administrator permissions can interfere with another system
administrator’s use of the management console when the second
administrator visits the page. Attack complexity is low, there are no
preexisting attack requirements, privileges required are high and active
user interaction is required. There is no impact on confidentiality,
the impact on integrity is low and there is no impact on availability.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…