exploitDog

CVE-2024-33859

Опубликовано: 07 мая 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

An issue was discovered in Logpoint before 7.4.0. HTML code sent through logs wasn't being escaped in the "Interesting Field" Web UI, leading to XSS.

Ссылки

https://servicedesk.logpoint.com/hc/en-us/articles/18533927651357-XSS-in-Interesting-Fields-in-Logpoint-Web-UI
Vendor Advisory
https://www.logpoint.com/
Product
https://servicedesk.logpoint.com/hc/en-us/articles/18533927651357-XSS-in-Interesting-Fields-in-Logpoint-Web-UI
Vendor Advisory
https://www.logpoint.com/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:logpoint:siem:*:*:*:*:*:*:*:*

Версия до 7.4.0 (исключая)

EPSS

Процентиль: 66%

0.00514

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-8fpw-hmv9-f7c4

CVSS3: 6.1

github

больше 1 года назад

An issue was discovered in Logpoint before 7.4.0. HTML code sent through logs wasn't being escaped in the "Interesting Field" Web UI, leading to XSS.

EPSS

Процентиль: 66%

0.00514

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79