CVE-2022-48684

An issue was discovered in Logpoint before 7.1.1. Template injection was seen in the search template. The search template uses jinja templating for generating dynamic data. This could be abused to achieve code execution. Any user with access to create a search template can leverage this to execut...

CVE-2022-48685

An issue was discovered in Logpoint 7.1 before 7.1.2. The daily executed cron file cleansecbioldlogs is writable by all users and is executed as root, leading to privilege escalation...

Logpoint 安全漏洞

Logpoint is a network security application from the Danish company Logpoint. A security vulnerability exists in Logpoint versions prior to 7.1.1, which stems from a template injection vulnerability in the search template function...

CVE-2024-29865

Logpoint before 7.1.0 allows Self-XSS on the LDAP authentication page via the username to the LDAP login form...

CVE-2024-29865

Logpoint before 7.1.0 allows Self-XSS on the LDAP authentication page via the username to the LDAP login form...

CVE-2024-29865

Logpoint before 7.1.0 allows Self-XSS on the LDAP authentication page via the username to the LDAP login form...

Logpoint 安全漏洞

Logpoint is a network security application from the Danish company Logpoint. A security vulnerability exists in Logpoint versions prior to 7.1.0 that stems from the presence of cross-site scripting XSS on the LDAP authentication page...

CVE-2024-29865

Logpoint before 7.1.0 is vulnerable to Self-XSS on the LDAP authentication page when the attacker-supplied username is entered into the LDAP login form. Affected software: Logpoint prior to 7.1.0. Root cause: cross-site scripting on the LDAP login page. Impact: Self-XSS; exploitation requires use...

CVE-2024-29865

Logpoint before 7.1.0 allows Self-XSS on the LDAP authentication page via the username to the LDAP login form...

CVE-2023-49950

The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...

CVE-2023-49950

The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...

Cross site scripting

The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...

CVE-2023-49950

Summary (concrete): CVE-2023-49950 affects Logpoint SIEM 6.10.0 through 7.x before 7.3.0. A vulnerability in Jinja templating fails to sanitize log data displayed in the Alert view when using a custom template, allowing a remote attacker to craft an XSS payload and potentially cause sensitive dat...

Logpoint SIEM Cross-Site Scripting Vulnerability

Logpoint SIEM is a Security Information and Event Management SIEM solution from Logpoint. A cross-site scripting vulnerability exists in Logpoint SIEM versions v6.1.0d through 7.3.0, which stems from a Jinja template that fails to properly review displayed log data.A remote attacker can construct...

CVE-2023-49950

The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...

CVE-2023-49950

The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...

PT-2024-13839 · Logpoint · Logpoint Siem

Name of the Vulnerable Software and Affected Versions: Logpoint SIEM versions 6.10.0 through 7.x before 7.3.0 Description: The Jinja templating in Logpoint SIEM does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a...

LogPoint Detection

Detection of LogPoint. The script sends a connection request to the server and attempts to detect LogPoint and to extract its version. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

LogPoint RCE Vulnerability

LogPoint is prone to an unauthenticated remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Logpoint < 5.6.4 - Unauthenticated Root Remote Code Execution Exploit

Exploit for linux platform in category remote exploits Exploit Title: Unauthenticated remote root code execution on logpoint 5.6.4 Date: 11/06/17 Exploit Author: agix Vendor Homepage: https://www.logpoint.com Version: logpoint 5.6.4 Tested on: 5.6.2 Vendor contact 19/04 Exploit details sent to th...