Werk #6568: Fixed possible XSS on custom icon management page
Component | Setup |
Title | Fixed possible XSS on custom icon management page |
Date | Sep 13, 2018 |
Checkmk Edition | Checkmk Raw (CRE) |
Checkmk Version | 1.4.0p36 1.5.0p5 1.6.0b1 |
Level | Trivial Change |
Class | Security Fix |
Compatibility | Compatible - no manual interaction needed |
Using icons with specific names it was possible to trigger an XSS on the icon administration page which only affected admin users.