279 matches found
CVE-2025-46827
Graylog is a free and open log management platform. Prior to versions 6.0.14, 6.1.10, and 6.2.0, it is possible to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation Step field. For this attack to succeed, the attacker needs a user account with...
org.graylog.plugins:graylog-plugin-parent (>=6.0.0 <=6.0.13), org.graylog.plugins:graylog-plugin-web-parent (>=6.0.0 <=6.0.13) potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=6.0.0 <=6.0.13)
org.graylog2:graylog2-server MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.13 Source cves: CVE-2025-46827 Source advisory: SNYK:JAVA-ORGGRAYLOG2-10116752...
com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=6.1.0 <=6.1.3), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=6.1.0) +3 more potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=6.1.0 <=6.1.1)
org.graylog2:graylog2-server MAVEN version =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.1 Source cves: CVE-2025-46827 Source advisory: SNYK:JAVA-ORGGRAYLOG2-10116752...
Cross-site Scripting (XSS)
Overview org.graylog2:graylog2-server is a log management platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Event Definition Remediation Step field. An attacker can obtain user session cookies by submitting an HTML form. Note: This is only exploitable ...
CVE-2025-46827
Graylog is a free and open log management platform. Prior to versions 6.0.14, 6.1.10, and 6.2.0, it is possible to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation Step field. For this attack to succeed, the attacker needs a user account with...
CVE-2025-46827
Graylog has a vulnerability (CVE-2025-46827) where an HTML form in an Event Definition Remediation Step can leak user session cookies if an attacker has create-event-definition rights and the victim can view alerts, with an active input to receive form data. Affected versions are before 6.0.14, 6...
CVE-2025-46827 Graylog Allows Session Takeover via Insufficient HTML Sanitization
Graylog is a free and open log management platform. Prior to versions 6.0.14, 6.1.10, and 6.2.0, it is possible to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation Step field. For this attack to succeed, the attacker needs a user account with...
CVE-2025-46827 Graylog Allows Session Takeover via Insufficient HTML Sanitization
Graylog is a free and open log management platform. Prior to versions 6.0.14, 6.1.10, and 6.2.0, it is possible to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation Step field. For this attack to succeed, the attacker needs a user account with...
CVE-2025-46827 Graylog Allows Session Takeover via Insufficient HTML Sanitization
Graylog is a free and open log management platform. Prior to versions 6.0.14, 6.1.10, and 6.2.0, it is possible to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation Step field. For this attack to succeed, the attacker needs a user account with...
com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=6.1.0 <=6.1.3), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=6.1.0) +3 more potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=6.1.0 <=6.1.1)
org.graylog2:graylog2-server MAVEN version =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.1 Source cves: CVE-2025-46827 Source advisory: OSV:GHSA-76VF-MPMX-777J...
com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=1.1.0 <=4.1.1), com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=1.0.0 <=5.2.1) +12 more potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=1.0.0-beta.3 <=6.0.13)
org.graylog2:graylog2-server MAVEN version =1.0.0-beta.3, =1.1.0, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.2.0, =1.1.0, =2.2.0, =2.2.0, =1.0.3, =1.0.0, =1.2.0, =1.3.4 Source cves: CVE-2025-46827 Source advisory: OSV:GHSA-76VF-MPMX-777J...
Graylog Allows Session Takeover via Insufficient HTML Sanitization
Impact It is possible to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation Step field. For this attack to succeed, the attacker needs a user account with permissions to create event definitions, while the user must have permissions to view alerts...
GHSA-76VF-MPMX-777J Graylog Allows Session Takeover via Insufficient HTML Sanitization
Impact It is possible to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation Step field. For this attack to succeed, the attacker needs a user account with permissions to create event definitions, while the user must have permissions to view alerts...
Cross-site Scripting (XSS)
Overview org.graylog2:graylog2-server is a log management platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the plugins and API Browser. An attacker with the FILESCREATE permission can upload and execute arbitrary Javascript, leading to unauthorized action...
com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=1.1.0 <=4.1.1), com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=1.0.0 <=6.1.7) +12 more potentially affected by unknown CVE via org.graylog2:graylog2-server (>=1.0.0-beta.3 <=6.1.8)
org.graylog2:graylog2-server MAVEN version =1.0.0-beta.3, =1.1.0, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.2.0, =1.1.0, =2.2.0, =2.2.0, =1.0.3, =1.0.0, =1.2.0, =1.3.4 Source cves: unknown CVE Source advisory: OSV:GHSA-Q9Q2-3PPX-MWQF...
com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=6.0.0 <=6.1.7), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (>=6.0.0 <=6.1.0) +3 more potentially affected by unknown CVE via org.graylog2:graylog2-server (>=6.0.0 <=6.1.8)
org.graylog2:graylog2-server MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.1.16 Source cves: unknown CVE Source advisory: SNYK:JAVA-ORGGRAYLOG2-10121303...
GHSA-Q9Q2-3PPX-MWQF Graylog Allows Stored Cross-Site Scripting via Files Plugin and API Browser
Impact Two minor vulnerabilities were identified in the Graylog2 enterprise server, which can be combined to carry out a stored cross-site scripting attack. An attacker with the permission FILESCREATE can exploit these vulnerabilities to upload arbitrary Javascript code to the Graylog2 server,...
Graylog Allows Stored Cross-Site Scripting via Files Plugin and API Browser
Impact Two minor vulnerabilities were identified in the Graylog2 enterprise server, which can be combined to carry out a stored cross-site scripting attack. An attacker with the permission FILESCREATE can exploit these vulnerabilities to upload arbitrary Javascript code to the Graylog2 server,...
Graylog 跨站脚本漏洞
Graylog is a centralized log management solution from the US company Graylog. The product supports capturing, storing, and analyzing logs in real-time, among other things. A cross-site scripting vulnerability exists in Graylog versions prior to 6.2.0, which stems from an HTML form that can be...
PT-2025-20234 · Graylog · Graylog
Name of the Vulnerable Software and Affected Versions: Graylog versions prior to 6.0.14 Graylog versions prior to 6.1.10 Graylog versions prior to 6.2.0 Description: The issue allows an attacker to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation...