CVE-2025-54316 – Logpoint Jinja Template XSS Vulnerability

July 20, 2025

CVE ID : CVE-2025-54316

Published : July 20, 2025, 7:15 p.m. | 4 hours, 2 minutes ago

Description : An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting (XSS) attacks.

Severity: 4.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-54317 – Logpoint Path Traversal Remote Code Execution Vulnerability

Next Article CVE-2025-47917 – Mbed TLS Use-After-Free Vulnerability

Highlights

CVE-2025-49833 – GPT-SoVITS-WebUI Command Injection Vulnerability

July 16, 2025

CVE ID : CVE-2025-49833

Published : July 15, 2025, 9:15 p.m. | 5 hours, 38 minutes ago

Description : GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. In versions 20250228v3 and prior, there is a command injection vulnerability in the webui.py open_slice function. slice_opt_root and slice-inp-path takes user input, which is passed to the open_slice function, which concatenates the user input into a command and runs it on the server, leading to arbitrary command execution. At time of publication, no known patched versions are available.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

ChatGPT now has an agent mode

Scrum Alliance and Kanban University partner to offer new course that teaches both methodologies

Is ChatGPT down? You’re not alone. Here’s what OpenAI is saying

I found a tablet that could replace my iPad and Kindle – and it’s worth every penny

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

Execute Ping Commands and Get Back Structured Data in PHP

Execute Ping Commands and Get Back Structured Data in PHP

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

Microsoft confirms active cyberattacks on SharePoint servers

How to Manually Check & Install Windows 11 Updates (Best Guide)

CVE-2025-54316 – Logpoint Jinja Template XSS Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics

Cybercrime Losses Jump 33% in 2024, FBI Report Shows

CVE-2025-4141 – Netgear EX6200 Remote Buffer Overflow Vulnerability

Designing For Neurodiversity

CVE-2025-5836 – Tenda AC9 Command Injection Vulnerability

CVE-2025-49833 – GPT-SoVITS-WebUI Command Injection Vulnerability

CVE-2024-56917 – Netbox Community XSS in Maintenance Banner

CVE-2025-48060 – jq Heap Buffer Overflow Vulnerability

Microsoft 50th Anniversary Copilot Event interrupted by protester

CVE-2025-54316 – Logpoint Jinja Template XSS Vulnerability

Related Posts