CVE-2025-54316

An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting...

CVE-2025-54317

An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution RCE...

CVE-2025-54316

An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting...

Logpoint 安全漏洞

Logpoint is a network security application from the Danish company Logpoint. A security vulnerability exists in Logpoint versions prior to 7.6.0 that stems from a path traversal vulnerability when creating layout templates, which could lead to remote code execution...

PT-2025-30214 · Logpoint · Logpoint

Name of the Vulnerable Software and Affected Versions: Logpoint versions prior to 7.6.0 Description: An issue exists in Logpoint that allows an attacker with operator privileges to exploit a path traversal vulnerability when creating a Layout Template. Successful exploitation can lead to remote...

CVE-2025-54316

An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting...

CVE-2025-54317

CVE-2025-54317 affects Logpoint prior to 7.6.0. A path traversal vulnerability in the creation of a Layout Template can be exploited by an attacker with operator privileges to achieve remote code execution (RCE). The issue is documented across multiple sources (e.g., Red Hat, CVE databases, PT Se...

CVE-2025-54317

An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution RCE...

CVE-2025-54316

CVE-2025-54316 affects Logpoint prior to 7.6.0. A vulnerability in the Report Template engine allows an attacker to craft custom Jinja templates that chain built-in filter functions to generate XSS payloads , which can be rendered when creating reports. The CVE entry has a CVSS v3.1 base score of...

Logpoint 跨站脚本漏洞

Logpoint is a network security application from Logpoint Denmark. A cross-site scripting vulnerability exists in Logpoint versions prior to 7.6.0, which stems from a failure to validate a Jinja template when creating a report, and could lead to a cross-site scripting attack...

CVE-2025-54317

An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution RCE...

PT-2025-30213 · Logpoint · Logpoint

Name of the Vulnerable Software and Affected Versions: Logpoint versions prior to 7.6.0 Description: An issue exists in Logpoint that allows attackers to create custom Jinja templates when creating reports. By chaining built-in filter functions within these templates, attackers can generate...

CVE-2025-54316

An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting...

CVE-2024-29865

Logpoint before 7.1.0 allows Self-XSS on the LDAP authentication page via the username to the LDAP login form...

CVE-2024-33858

An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while adding a CSV enrichment source. The sourcename parameter could be changed to an absolute path; this will write the CSV file to that path inside the /tmp directory...

CVE-2024-33857

An issue was discovered in Logpoint before 7.4.0. Due to a lack of input validation on URLs in threat intelligence, an attacker with low-level access to the system can trigger Server Side Request Forgery...

CVE-2024-33860

An issue was discovered in Logpoint before 7.4.0. It allows Local File Inclusion LFI when an arbitrary File Path is used within the File System Collector. The content of the file specified can be viewed in the incoming logs...

CVE-2024-33859

An issue was discovered in Logpoint before 7.4.0. HTML code sent through logs wasn't being escaped in the "Interesting Field" Web UI, leading to XSS...

CVE-2024-33856

An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of usernames by observing the response time at the Forgot Password endpoint...

CVE-2024-48951

An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery SSRF on SOAR can be used to leak Logpoint's API Token leading to authentication bypass...