CVE-2024-40873

Name of the Vulnerable Software and Affected Versions Absolute Secure Access versions prior to 13.07

Description The issue is a cross-site scripting vulnerability in the Secure Access administrative console. Attackers with system administrator permissions can interfere with another system administrator's use of the publishing UI when editing the same management object. There is no loss of confidentiality, and the impact to system availability is none, but the impact to system integrity is high.

Recommendations For versions prior to 13.07, update to version 13.07 or later to resolve the issue. As a temporary workaround, consider restricting access to the Secure Access administrative console to minimize the risk of exploitation.