SIEM
by Logpoint
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-49950 | Med | 0.35 | 5.4 | 0.01 | Feb 3, 2024 | The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting (XSS) payload and send it to any system or device… | ||
| CVE-2025-66359 | 0.00 | — | 0.00 | Nov 27, 2025 | An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting (XSS) vulnerability. | |||
| CVE-2025-66360 | 0.00 | — | 0.00 | Nov 27, 2025 | An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation. | |||
| CVE-2025-66361 | 0.00 | — | 0.00 | Nov 27, 2025 | An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load. |
- risk 0.35cvss 5.4epss 0.01
The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting (XSS) payload and send it to any system or device…
- CVE-2025-66359Nov 27, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting (XSS) vulnerability.
- CVE-2025-66360Nov 27, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.
- CVE-2025-66361Nov 27, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load.