9 matches found
CVE-2023-49950
The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...
Logpoint SIEM 跨站脚本漏洞
Logpoint SIEM is a Security Information and Event Management SIEM solution from Logpoint, Inc. A cross-site scripting vulnerability exists in Logpoint SIEM versions prior to 7.7.0 that stems from insufficient input validation and output escaping, which could lead to cross-site scripting attacks...
CVE-2023-49950
The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...
Cross site scripting
The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...
Logpoint SIEM Cross-Site Scripting Vulnerability
Logpoint SIEM is a Security Information and Event Management SIEM solution from Logpoint. A cross-site scripting vulnerability exists in Logpoint SIEM versions v6.1.0d through 7.3.0, which stems from a Jinja template that fails to properly review displayed log data.A remote attacker can construct...
CVE-2023-49950
The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...
CVE-2023-49950
The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting XSS payload and send it to any system or device that sends logs to th...
CVE-2023-49950
Summary (concrete): CVE-2023-49950 affects Logpoint SIEM 6.10.0 through 7.x before 7.3.0. A vulnerability in Jinja templating fails to sanitize log data displayed in the Alert view when using a custom template, allowing a remote attacker to craft an XSS payload and potentially cause sensitive dat...
PT-2024-13839 · Logpoint · Logpoint Siem
Name of the Vulnerable Software and Affected Versions: Logpoint SIEM versions 6.10.0 through 7.x before 7.3.0 Description: The Jinja templating in Logpoint SIEM does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a...