There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.07. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XSS
Secure Access
NVD
CVSS 3.1
3.4
EPSS
0.3%
In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts. Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.
Authentication Bypass
Octopus Server
NVD
CVSS 3.1
2.2
EPSS
0.2%