Self-XSS vulnerability in Logpoint LDAP authentication
CVE-2024-29865
Currently unrated
What is CVE-2024-29865?
Logpoint versions prior to 7.1.0 are susceptible to Self-XSS attacks via the LDAP authentication page. The vulnerability allows an attacker to manipulate the username input field, potentially leading to execution of malicious scripts in the context of the logged-in user’s session. Such an attack could compromise session integrity, allowing unauthorized actions to be performed under the guise of the legitimate user. Organizations using affected versions are advised to upgrade to version 7.1.0 or later to mitigate these risks.