CVE-2024-40873
Severity:
MEDIUM
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
25/07/2024
Last modified:
26/07/2024
Description
There is a cross-site scripting vulnerability in the Secure<br />
Access administrative console of Absolute Secure Access prior to version 13.07.<br />
Attackers with system administrator permissions can interfere with another<br />
system administrator’s use of the publishing UI when the administrators are<br />
editing the same management object. The scope is unchanged, there is no loss of<br />
confidentiality. Impact to system availability is none, impact to system<br />
integrity is high.
Impact
Base Score 3.x
4.50
Severity 3.x
MEDIUM