CVE-2023-49950

Published: Feb 3, 2024Modified: Jun 17, 2025

5.4

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.3 / Impact: 2.7

Source: NVD

Description

The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting (XSS) payload and send it to any system or device that sends logs to the SIEM. If an alert is created, the payload will execute upon the alert data being viewed with that template, which can lead to sensitive data disclosure.

Affected (1)

Products: Logpoint: Siem

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Logpoint Siem	From 6.10.0 to 7.3.0

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (4)

https://github.com/shrikeinfosec/cve-2023-49950/blob/main/cve-2023-49950.md

Source: cve@mitre.org

Exploit

https://servicedesk.logpoint.com/hc/en-us/articles/14124495377437-Stored-XSS-Vulnerability-in-Alerts-via-Log-Injection

Source: cve@mitre.org

Vendor Advisory

https://github.com/shrikeinfosec/cve-2023-49950/blob/main/cve-2023-49950.md

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://servicedesk.logpoint.com/hc/en-us/articles/14124495377437-Stored-XSS-Vulnerability-in-Alerts-via-Log-Injection

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.