CVE-2025-27704 Information

Description

There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.53. Attackers with system administrator permissions can interfere with another system administrator’s use of the management console when the second administrator logs in. Attack complexity is high attack requirements are present privileges required are none user interaction is required. The impact to confidentiality is low the impact to availability is none and the impact to system integrity is none.

Reference

https://www.absolute.com/platform/security-information/vulnerability-archive/secure-access-1353/