CVE-2025-54316
Description
An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chain built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting (XSS) attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Logpoint before 7.6.0 allows XSS via crafted Jinja report templates that chain built-in filter functions to inject malicious scripts.
Vulnerability Overview
An XSS vulnerability exists in Logpoint versions prior to 7.6.0. The issue stems from the Report Template engine, which processes user-created Jinja templates. Attackers can craft templates by chaining built-in Jinja filter functions to generate and inject malicious scripts (e.g., JavaScript) into report output [1]. This occurs because user-supplied template content is not adequately sanitized before rendering.
Exploitation
To exploit this, an attacker must have the ability to create or modify report templates in Logpoint. This typically requires authenticated access with report creation privileges. The crafted template is then executed by the Report Template engine, causing the XSS payload to be rendered when the report is accessed by other users, including potentially administrators [1]. The attack vector is network-based, with high attack complexity and low privileges required, per the CVSS vector [1].
Impact
Successful exploitation allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session when they view the compromised report. This can lead to session hijacking, credential theft, or defacement. The impact is amplified if an administrator views the report, potentially exposing higher-privileged sessions [1].
Mitigation
Logpoint has addressed this vulnerability in version 7.6.0. Users running any earlier version (7.5.0 and below) should upgrade to 7.6.0 or later to remediate the issue [1]. No workarounds have been published.
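An added example (not Logpoint code and not part of the advisory): ahead of the upgrade, stored report templates can be audited for unusual filter use by parsing them with the Python jinja2 package and walking the syntax tree. The allowlist, the chain threshold and the sample templates are constructed assumptions, and the script assumes templates can be exported as text in standard Jinja syntax.

```python
from jinja2 import Environment, nodes

# Assumption: filters a report template legitimately needs; tune per deployment.
ALLOWED_FILTERS = {"default", "length", "round", "upper", "lower", "title"}
MAX_CHAIN = 2  # assumption: longer chains are sent for manual review

# Constructed sample templates (not taken from the advisory).
SAMPLES = {
    "ok": "Total: {{ rows | length }}\nOwner: {{ owner | default('n/a') | upper }}",
    "review": "{{ title }}\n{{ parts | map('string') | join | replace('_', ' ') }}",
}

def chain_of(node):
    """Filter names applied to one expression, innermost first."""
    names = []
    while isinstance(node, nodes.Filter):
        names.append(node.name)
        node = node.node
    return names[::-1]

def audit_template(source):
    """Return (line, reason, filter names) findings for one template."""
    ast = Environment().parse(source)  # parse only, nothing is rendered
    filters = list(ast.find_all(nodes.Filter))
    # Filters that feed another filter are reported via the outermost one.
    inner = {id(f.node) for f in filters if isinstance(f.node, nodes.Filter)}
    findings = []
    for f in filters:
        if id(f) in inner:
            continue
        chain = chain_of(f)
        unexpected = sorted(set(chain) - ALLOWED_FILTERS)
        if unexpected:
            findings.append((f.lineno, "filter not on allowlist", unexpected))
        if len(chain) > MAX_CHAIN:
            findings.append((f.lineno, "long filter chain", chain))
    return findings

if __name__ == "__main__":
    for name, source in SAMPLES.items():
        for line, reason, detail in audit_template(source):
            print(f"{name}: line {line}: {reason}: {detail}")
```

A finding means the template needs a manual look, not that it is malicious; the fix remains the upgrade to 7.6.0.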
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
References: 2
News mentions: 0
No linked articles in our index yet.