CVE-2024-56085

Name of the Vulnerable Software and Affected Versions Logpoint versions prior to 7.5.0

Description A problem was discovered in Logpoint where authenticated users can inject payloads while creating the Search Template Dashboard. These payloads are executed, leading to Server-Side Template Injection.

Recommendations For versions prior to 7.5.0, update to version 7.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Search Template Dashboard feature until a patch is applied. Avoid allowing users to inject custom payloads when creating dashboards to minimize the risk of exploitation.