CVE-2025-27704

None

Description

There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.53. Attackers with system administrator permissions can interfere with another system administrator’s use of the management console when the second administrator logs in. Attack complexity is high, attack requirements are present, privileges required are none, user interaction is required. The impact to confidentiality is low, the impact to availability is none, and the impact to system integrity is none.

INFO

Published Date :

2025-03-19T19:08:26.262Z

Last Modified :

2025-04-03T13:06:17.528Z

Source :

Absolute

AFFECTED PRODUCTS

The following products are affected by CVE-2025-27704 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-27704.

URL	Resource
https://www.absolute.com/platform/security-information/vulnerability-archive/secure-access-1353/

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability