Vulnerability Description
There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.53. Attackers with system administrator permissions can interfere with another system administrator’s use of the management console when the second administrator logs in. Attack complexity is high, attack requirements are present, privileges required are none, user interaction is required. The impact to confidentiality is low, the impact to availability is none, and the impact to system integrity is none.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-27705?
CVE-2025-27705 is a documented vulnerability. There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.53. Attackers with system administrator permissions can interfer...
How severe is CVE-2025-27705?
CVSS scoring is not yet available for CVE-2025-27705. Check NVD for updates.
Is there a patch for CVE-2025-27705?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.