Advisory ID: LVD-2022-0001
CVSSv 3.1 Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CVSSv 3.1 Base Score: 4.8
Severity: Medium
CVE: CVE-2024-29865
CWE: CWE-79
Date Published: 2024-03-22
Description:
Self Cross-site scripting (Self-XSS) was seen on the LDAP authentication page because the username field on the LDAP login form was not sanitized.
Affected Product:
Logpoint v7.0.1 and earlier
Solution:
Upgrade to Logpoint v7.1.0
Acknowledgments:
Marcus Nilsson and Christian Rellmann from USD.
Comments
Article is closed for comments.