Secure Access Security Vulnerabilities
There is a cross-site scripting vulnerability in the SecureAccess administrative console of Absolute Secure Access prior to version 13.06.Attackers with valid tunnel credentials can pass a limited-length script to theadministrative console which is then temporarily stored where an administratorusin...
5.4CVSS
4.9AI Score
0.0004EPSS
There is a cross-site scripting vulnerability in the Policymanagement UI of Absolute Secure Access prior to version 13.06. Attackers withsystem administrator permissions can interfere with another systemadministrator’s use of the policy management UI when the administrators areediting the same poli...
4.5CVSS
4.5AI Score
0.0004EPSS
There is a cross-site scripting vulnerability in the SecureAccess administrative UI of Absolute Secure Access prior to version 13.06.Attackers can pass a limited-length script to the administrative UI which isthen stored where an administrator can access it. The scope is unchanged, thereis no loss ...
5.4CVSS
5AI Score
0.0005EPSS
There is an insufficient input validation vulnerability inthe Warehouse component of Absolute Secure Access prior to 13.06. Attackerswith system administrator permissions can impair the availability of certainelements of the Secure Access administrative UI by writing invalid data to thewarehouse ov...
4.9CVSS
5.2AI Score
0.0004EPSS
There is a cross-site scripting vulnerability in the poolconfiguration component of the management UI of Absolute Secure Access prior to13.06. Attackers with system administrator permissions can pass a limitedlength script to be run by another administrator. The scope is unchanged, thereis no loss ...
4.5CVSS
4.5AI Score
0.0004EPSS
There is a cross-sitescripting vulnerability in the management UI of Absolute Secure Access prior toversion 13.06. Attackers with system administrator permissions can interferewith another system administrator’s use of the management UI when the secondadministrator later edits the same management o...
4.5CVSS
4.5AI Score
0.0004EPSS
There is a cross-site scripting vulnerability in themanagement UI of Absolute Secure Access prior to version 13.06. Attackers withsystem administrator permissions can interfere with other systemadministrator’s use of the management UI when the victim administrator editsthe same management object. T...
4.5CVSS
4.3AI Score
0.0004EPSS
There is a cross-site scripting vulnerability in the policymanagement UI of Absolute Secure Access prior to version 13.06. Attackers caninterfere with a system administrator’s use of the policy management UI whenthe attacker convinces the victim administrator to follow a crafted link to thevulnerab...
6.5CVSS
6AI Score
0.0005EPSS
There is a cross-site scripting vulnerability in themanagement UI of Absolute Secure Access prior to version 13.06. Attackers withsystem administrator permissions can interfere with other systemadministrator’s use of the management UI when the second administrator lateredits the same management obj...
4.5CVSS
4.3AI Score
0.0004EPSS
There is a cross-site scripting vulnerability in themanagement UI of Absolute Secure Access prior to version 13.06 that allowsattackers with system administrator permissions to interfere with other systemadministrators’ use of the management UI when the second administrator accessesthe vulnerable p...
4.5CVSS
4.4AI Score
0.0004EPSS
There is a cross-site scripting vulnerability in the SecureAccess administrative console of Absolute Secure Access prior to version 13.07.Attackers with system administrator permissions can interfere with anothersystem administrator’s use of the publishing UI when the administrators areediting the ...
4.5CVSS
4.5AI Score
0.0004EPSS