| ID |
CVE-2025-54089
|
| Sažetak |
CVE-2025-54089 is a cross-site scripting vulnerability in versions
of secure access prior to 14.10. Attackers with administrative access to the
console can interfere with another administrator’s access to the console. The
attack complexity is low; there are no attack requirements. Privileges required
to execute the attack are high and the victim must actively participate in the
attack sequence. There is no impact to confidentiality or availability, there
is a low impact to integrity. |
| Reference |
|
| CVSS |
| Base: | 3.4 |
| Impact: | 1.4 |
| Exploitability: | 1.7 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| NETWORK |
LOW |
HIGH |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| NONE |
LOW |
NONE |
|
| CVSS vektor |
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N |
| Zadnje važnije ažuriranje |
16-10-2025 - 18:21 |
| Objavljeno |
02-10-2025 - 21:16 |
