PT-2025-30213 · Logpoint · Logpoint
Kripa Thapa
·
Published
2025-07-20
·
Updated
2025-07-20
·
CVE-2025-54316
CVSS v3.1
4.9
Medium
| Vector | AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Logpoint versions prior to 7.6.0
Description
An issue exists in Logpoint that allows attackers to create custom Jinja templates when creating reports. By chaining built-in filter functions within these templates, attackers can generate cross-site scripting (XSS) payloads. These payloads can be rendered by the Logpoint Report Template engine, leading to XSS attacks.
Recommendations
Update Logpoint to version 7.6.0 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Logpoint