Werk #6423: Fixed possible XSS in views with some filters

ComponentGUI
TitleFixed possible XSS in views with some filters
Date2018-08-02 19:38:37
Checkmk EditionCheckmk Raw Edition (CRE)
Checkmk Version1.4.0p35,1.6.0b1,1.5.0p1
LevelTrivial Change
ClassBug Fix
CompatibilityCompatible - no manual interaction needed

It was possible to inject some specific HTML tags (like the a-tag) into the title of views which could be used to make users click on it to execute some arbitrary javascript code.