CVE-2025-54316 Information

Description

An issue was discovered in Logpoint before 7.6.0. When creating reports attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine making it vulnerable to cross-site scripting (XSS) attacks.

Reference

https://servicedesk.logpoint.com/hc/en-us/articles/28685383084317-XSS-vulnerability-in-Report-Templates-using-built-in-Jinja-filter-functions

Related CNNVD

CNNVD-202507-2580 (Published: 2025-07-20)