CVE-2024-33859

An issue was discovered in Logpoint before 7.4.0. HTML code sent through logs wasn't being escaped in the "Interesting Field" Web UI, leading to XSS.
Configurations

No configuration.

History

21 Nov 2024, 09:17

Type Values Removed Values Added
References () https://servicedesk.logpoint.com/hc/en-us/articles/18533927651357-XSS-in-Interesting-Fields-in-Logpoint-Web-UI - () https://servicedesk.logpoint.com/hc/en-us/articles/18533927651357-XSS-in-Interesting-Fields-in-Logpoint-Web-UI -
References () https://www.logpoint.com/ - () https://www.logpoint.com/ -

19 Nov 2024, 22:35

Type Values Removed Values Added
Summary
  • (es) Se descubrió un problema en Logpoint antes de 7.4.0. El código HTML enviado a través de registros no se escapaba en la interfaz de usuario web "Campo interesante", lo que generaba XSS.
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.1
CWE CWE-79

07 May 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-07 17:15

Updated : 2024-11-21 09:17


NVD link : CVE-2024-33859

Mitre link : CVE-2024-33859

CVE.ORG link : CVE-2024-33859


JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')