CVE-2024-37345

There is a cross-site scripting vulnerability in the Secure Access administrative UI of Absolute Secure Access prior to version 13.06. Attackers can pass a limited-length script to the administrative UI which is then stored where an administrator can access it. The scope is unchanged, there is no...

CVE-2024-37351

There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06. Attackers with system administrator permissions can interfere with other system administrator’s use of the management UI when the second administrator later edits the same manageme...

CVE-2024-37350

There is a cross-site scripting vulnerability in the policy management UI of Absolute Secure Access prior to version 13.06. Attackers can interfere with a system administrator’s use of the policy management UI when the attacker convinces the victim administrator to follow a crafted link to the...

CVE-2024-37352 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06

There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06 that allows attackers with system administrator permissions to interfere with other system administrators’ use of the management UI when the second administrator accesses the...

CVE-2024-37352 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06

There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06 that allows attackers with system administrator permissions to interfere with other system administrators’ use of the management UI when the second administrator accesses the...

CVE-2024-37344

There is a cross-site scripting vulnerability in the Policy management UI of Absolute Secure Access prior to version 13.06. Attackers with system administrator permissions can interfere with another system administrator’s use of the policy management UI when the administrators are editing the sam...

CVE-2024-37349

CVE-2024-37349 describes a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06. The issue allows attackers with system administrator permissions to interfere with other admins’ UI usage when the second administrator edits the same management ob...

CVE-2024-37348 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06

There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06. Attackers with system administrator permissions can interfere with another system administrator’s use of the management UI when the second administrator later edits the same...

CVE-2024-37345 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06

There is a cross-site scripting vulnerability in the Secure Access administrative UI of Absolute Secure Access prior to version 13.06. Attackers can pass a limited-length script to the administrative UI which is then stored where an administrator can access it. The scope is unchanged, there is no...

CVE-2024-37345 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06

There is a cross-site scripting vulnerability in the Secure Access administrative UI of Absolute Secure Access prior to version 13.06. Attackers can pass a limited-length script to the administrative UI which is then stored where an administrator can access it. The scope is unchanged, there is no...

CVE-2024-37343

CVE-2024-37343 describes a cross-site scripting vulnerability in the Absolute Secure Access administrative console (prior to version 13.06). Attackers with valid tunnel credentials can pass a limited-length script to the console, which is temporarily stored and could be triggered when an administ...

CVE-2024-37343 Cross-site scripting vulnerability in the Absolute Secure Access administrative console prior to 13.06

There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.06. Attackers with valid tunnel credentials can pass a limited-length script to the administrative console which is then temporarily stored where an administrato...

Absolute Secure Access Security Vulnerability

Absolute Secure Access is an application from Absolute, Inc. to provide Secure Service Edge SSE optimized for hybrid and mobile working models. A security vulnerability exists in versions prior to Absolute Secure Access 13.06. An attacker exploited the vulnerability resulting in a significant...

PT-2024-27491 · Absolute · Absolute Secure Access

Name of the Vulnerable Software and Affected Versions: Absolute Secure Access versions prior to 13.06 Description: There is a cross-site scripting issue in the management UI of Absolute Secure Access. Attackers with system administrator permissions can exploit this issue. Recommendations: For...

PT-2024-27492 · Absolute · Absolute Secure Access

Name of the Vulnerable Software and Affected Versions: Absolute Secure Access versions prior to 13.06 Description: The issue is a cross-site scripting vulnerability in the management UI of Absolute Secure Access. Attackers with system administrator permissions can interfere with other system...

Absolute Secure Access Security Vulnerability

Absolute Secure Access is an application from Absolute, Inc. to provide Secure Service Edge SSE optimized for hybrid and mobile working models. A security vulnerability exists in versions prior to Absolute Secure Access 13.06. An attacker exploited the vulnerability resulting in a significant...