PT-2025-20234 · Graylog · Graylog

Fabian Yamaguchi

·

Published

2025-05-07

·

Updated

2025-11-03

·

CVE-2025-46827

CVSS v3.1

8.0

High

Vector AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions
Graylog versions prior to 6.0.14
Graylog versions prior to 6.1.10
Graylog versions prior to 6.2.0

Description
Graylog is a log management platform. User session cookies can be obtained by placing an HTML form in an Event Definition's Remediation Step field: the field's markup is not neutralized, so the form is rendered to whoever views the remediation steps of the resulting alert (stored XSS). To exploit this, an attacker needs a user account with permission to create event definitions and permission to view alerts. An active Input able to receive form data, such as an HTTP input, a raw TCP input, or a syslog input, must also be present on the Graylog server.

Recommendations
Graylog versions prior to 6.0.14 should be updated to version 6.0.14 or later.
Graylog versions prior to 6.1.10 should be updated to version 6.1.10 or later.
Graylog versions prior to 6.2.0 should be updated to version 6.2.0 or later.
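Added example (not Graylog's own code): a triage script that checks the two preconditions the description names on an existing deployment, i.e. whether any event definition already carries active HTML in its remediation steps, and whether an Input that could receive posted form data is running. It assumes the JSON shapes returned by GET /api/events/definitions (an "event_definitions" list whose entries hold a "remediation_steps" Markdown string) and GET /api/system/inputs (an "inputs" list with a "type" class name); the sample records, input class names and type substrings below are constructed for illustration.

```python
"""Audit a Graylog event-definition export for active HTML in remediation steps.

Added example; not Graylog's own code. Assumes the JSON shapes of
GET /api/events/definitions and GET /api/system/inputs described in the
lead-in; all sample data below is constructed.
"""
from html.parser import HTMLParser

# Elements that submit data or execute when Markdown passes raw HTML through.
ACTIVE_TAGS = {"form", "input", "button", "script", "iframe", "object",
               "embed", "svg", "math", "meta", "link", "base"}
URL_ATTRS = {"href", "src", "action", "formaction", "data"}
# Substrings of input type names that suggest a form POST or raw text would
# be accepted (illustrative assumption, tune to your installed input types).
FORM_CAPABLE_INPUT_HINTS = ("http", "raw", "syslog")


class ActiveHtmlFinder(HTMLParser):
    """Collects every tag or attribute that could act on the viewer's session."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag and attribute names for us.
        if tag in ACTIVE_TAGS:
            self.findings.append(f"<{tag}> element")
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append(f"{tag}@{name} event handler")
            elif name in URL_ATTRS and value:
                scheme = value.strip().lower().split(":", 1)[0]
                if scheme in ("javascript", "data") and ":" in value:
                    self.findings.append(f"{tag}@{name} uses {scheme}: URL")


def find_active_html(text):
    """Return the findings for one remediation-steps string ([] when clean)."""
    parser = ActiveHtmlFinder()
    parser.feed(text or "")
    parser.close()
    return parser.findings


def audit_definitions(export):
    """Map each event-definition title to its findings; clean ones are omitted."""
    report = {}
    for definition in export.get("event_definitions", []):
        hits = find_active_html(definition.get("remediation_steps", ""))
        if hits:
            report[definition["title"]] = hits
    return report


def form_capable_inputs(inputs_export):
    """Titles of inputs whose type looks able to receive posted form data."""
    return [i["title"] for i in inputs_export.get("inputs", [])
            if any(h in i.get("type", "").lower() for h in FORM_CAPABLE_INPUT_HINTS)]


# Constructed sample data standing in for the two API responses.
SAMPLE_DEFINITIONS = {"event_definitions": [
    {"title": "Disk nearly full",
     "remediation_steps": "1. Check `df -h`\n2. Rotate logs under /var/log"},
    {"title": "Suspicious login",
     "remediation_steps": ("Review the account, then **report** here:\n"
                           '<form action="http://127.0.0.1:12201/" method="POST">'
                           '<input name="c"><button>Report</button></form>')},
    {"title": "Image link",
     "remediation_steps": '<img src=x onerror="fetch(\'/x?\' + document.cookie)">'},
]}
SAMPLE_INPUTS = {"inputs": [
    {"title": "gelf-http", "type": "org.graylog2.inputs.gelf.http.GELFHttpInput"},
    {"title": "beats", "type": "org.graylog.plugins.beats.Beats2Input"},
]}

if __name__ == "__main__":
    for title, hits in audit_definitions(SAMPLE_DEFINITIONS).items():
        print(f"{title}: {', '.join(hits)}")
    print("form-capable inputs:", form_capable_inputs(SAMPLE_INPUTS))
```

To run it against a live instance, replace the two sample dictionaries with the parsed responses of the two API endpoints. A non-empty report together with a non-empty input list means the preconditions the advisory describes are met and the affected definitions should be reviewed before (and after) upgrading; the detector is deliberately broad (any form, script or event-handler attribute is reported), since remediation steps have no legitimate need for active markup.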

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2025-46827
GHSA-76VF-MPMX-777J

Affected Products

Graylog