CNNVD-202507-2580 Information

CNNVD ID

CNNVD-202507-2580

Related CVE

CVE-2025-54316

• CNNVD Published: 2025-07-20

Description (Chinese)

Logpoint是丹麦Logpoint公司的一款网络安全应用程序。 Logpoint 7.6.0之前版本存在跨站脚本漏洞，该漏洞源于创建报告时未验证Jinja模板，可能导致跨站脚本攻击。

Description (English)

Logpoint is a network security application by Logpoint Denmark. Prior to Logpoint 7.6.0, there was a cross-site script loophole, which resulted from the failure to validate the Jinja template at the time of the creation of the report and could lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Logpoint

Published

2025-07-20

Last Modified

2026-02-24

References

https://servicedesk.logpoint.com/hc/en-us/articles/28685383084317-XSS-vulnerability-in-Report-Templates-using-built-in-Jinja-filter-functions https://access.redhat.com/security/cve/cve-2025-54316

Patch

https://servicedesk.logpoint.com/hc/en-us/articles/28685383084317-XSS-vulnerability-in-Report-Templates-using-built-in-Jinja-filter-functions