CVE-2025-54089 | THREATINT

Description

CVE-2025-54089 is a cross-site scripting vulnerability in versions of secure access prior to 14.10. Attackers with administrative access to the console can interfere with another administrator’s access to the console. The attack complexity is low; there are no attack requirements. Privileges required to execute the attack are high and the victim must actively participate in the attack sequence. There is no impact to confidentiality or availability, there is a low impact to integrity.

PUBLISHED Reserved 2025-07-16 | Published 2025-10-02 | Updated 2025-10-03 | Assigner Absolute

MEDIUM: 4.6CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Product status

Default status

unaffected

Any version before 14.10

affected

References

www.absolute.com/...ion/vulnerability-archive/cve-2025-54089

cve.org (CVE-2025-54089)

nvd.nist.gov (CVE-2025-54089)

Download JSON