Advisory ID: LVD-2024-0004
CVSSv 3.1 Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVSSv 3.1 Base Score: 5.4
Severity: Medium
CVE: CVE-2024-33859
CWE: CWE-79
Date Published: 2024-04-30
Description:
HTML code sent through logs wasn't being escaped in the Interesting Field in the UI, leading to XSS attack.
Affected Product:
Logpoint versions before 7.4.0
Solution:
Upgrade to Logpoint v7.4.0
Acknowledgments:
Jan Henrik Reimers
Hamburger Energiewerke
Comments
Article is closed for comments.