Vulnerabilities > Logrhythm

DATE CVE VULNERABILITY TITLE RISK
2022-12-13 CVE-2021-41943 Cross-site Scripting vulnerability in Logrhythm 7.4.9
Logrhythm Web Console 7.4.9 allows for HTML tag injection through Contextualize Action -> Create a new Contextualize Action -> Inject your HTML tag in the name field.
network
low complexity
logrhythm CWE-79
6.1
2020-12-17 CVE-2020-25096 Unspecified vulnerability in Logrhythm Platform Manager 7.4.9
LogRhythm Platform Manager (PM) 7.4.9 has Incorrect Access Control.
network
low complexity
logrhythm
6.5
2020-12-17 CVE-2020-25095 Cross-Site Request Forgery (CSRF) vulnerability in Logrhythm Platform Manager 7.4.9
LogRhythm Platform Manager (PM) 7.4.9 allows CSRF.
network
logrhythm CWE-352
6.8
2020-12-17 CVE-2020-25094 Injection vulnerability in Logrhythm Platform Manager 7.4.9
LogRhythm Platform Manager 7.4.9 allows Command Injection.
network
low complexity
logrhythm CWE-74
critical
10.0