4 matches found
CVE-2024-37345
There is a cross-site scripting vulnerability in the SecureAccess administrative UI of Absolute Secure Access prior to version 13.06.Attackers can pass a limited-length script to the administrative UI which isthen stored where an administrator can access it. The scope is unchanged, thereis no loss ...
CVE-2024-37343
There is a cross-site scripting vulnerability in the SecureAccess administrative console of Absolute Secure Access prior to version 13.06.Attackers with valid tunnel credentials can pass a limited-length script to theadministrative console which is then temporarily stored where an administratorusin...
CVE-2025-49082
CVE-2025-49082 is a vulnerability in the management consoleof Absolute Secure Access prior to version 13.56. Attackers with administrativeaccess to the console and who have been assigned a certain set of permissionscan bypass those permissions to improperly read other settings. The attackcomplexity...
CVE-2025-54085
CVE-2025-54085 is a vulnerability in the management consoleof Absolute Secure Access prior to version 13.56. Attackers with administrativeaccess to the console and who have been assigned a certain set of permissionscan bypass those permissions to improperly read or change other settings. Theattack ...