CVE Details
Basic Information
| Title | CVE-2025-54316 |
|---|---|
| Type | cve |
| Published | 2025-07-20T00:00:00.000Z |
| Modified | 2025-07-20T18:55:59.023Z |
Product Information
| Vendor | Logpoint |
|---|---|
| Product | Logpoint |
| Version | 0 |
CVSS Information
| Base Score | 4.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N |
Affected Products
- Logpoint Logpoint 0
Additional Information
| CWE List | CWE-79 |
|---|---|
| Source | mitre |
Description
An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting (XSS) attacks.