|Title||Fixed possible open redirect on login page|
|Checkmk Edition||Checkmk Raw Edition (CRE)|
|Compatibility||Compatible - no manual interaction needed|
It was possible to redirect an user to external websites through manipulating GET parameters. To exploit this vulnerability, an attacker needs to trick a user into following a crafted URL. The attack only works if the user does not notice that he is redirected to a different URL.