CVE-2023-49950

The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...

CVE-2025-66360

An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service Redis information to li-admin users. This can lead to privilege escalation...

CVE-2025-66361

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load...

CVE-2025-66359

An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting XSS vulnerability...

EUVD-2025-199836

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load...

EUVD-2025-199835

An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting XSS vulnerability...

EUVD-2025-199837

An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service Redis information to li-admin users. This can lead to privilege escalation...

CVE-2025-66361

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load...

CVE-2025-66359

An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting XSS vulnerability...

CVE-2025-66359

An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting XSS vulnerability...

CVE-2025-66360

An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service Redis information to li-admin users. This can lead to privilege escalation...

CVE-2025-66361

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load...

CVE-2025-66360

An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service Redis information to li-admin users. This can lead to privilege escalation...

Logpoint SIEM 跨站脚本漏洞

Logpoint SIEM is a Security Information and Event Management SIEM solution from Logpoint, Inc. A cross-site scripting vulnerability exists in Logpoint SIEM versions prior to 7.7.0 that stems from insufficient input validation and output escaping, which could lead to cross-site scripting attacks...

Logpoint SIEM 安全漏洞

Logpoint SIEM is a Security Information and Event Management SIEM solution from Logpoint, Inc. A security vulnerability exists in Logpoint SIEM versions prior to 7.7.0 that stems from an improperly configured access control policy that could result in elevated privileges...

Logpoint SIEM 安全漏洞

Logpoint SIEM is a Security Information and Event Management SIEM solution from Logpoint, Inc. A security vulnerability exists in Logpoint SIEM versions prior to 7.7.0 that stems from prolonged exposure of sensitive information during high CPU loads...

PT-2025-48283

Name of the Vulnerable Software and Affected Versions Logpoint versions prior to 7.7.0 Description The software contains a cross-site scripting XSS issue due to insufficient input validation and a lack of output escaping in multiple components. Recommendations Update to version 7.7.0 or later...

CVE-2025-66360

An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service Redis information to li-admin users. This can lead to privilege escalation...

CVE-2025-66360

Logpoint before 7.7.0 is affected. The issue stems from an improperly configured access control policy that exposes sensitive internal Redis service information to li-admin users, enabling privilege escalation. Affected software: Logpoint SIEM prior to 7.7.0. Root cause: misconfigured access cont...

CVE-2025-66359

An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting XSS vulnerability...