Vulnerability Database

309,103

Total vulnerabilities in the database

CVE-2025-54089

CVE-2025-54089 is a cross-site scripting vulnerability in versions of secure access prior to 14.10. Attackers with administrative access to the console can interfere with another administrator’s access to the console. The attack complexity is low; there are no attack requirements. Privileges required to execute the attack are high and the victim must actively participate in the attack sequence. There is no impact to confidentiality or availability, there is a low impact to integrity.

Published: Oct 2, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-54089
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.4
AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
absolute / secure_access	-	14.10

https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2025-54089

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo