Werk #10242: Fix possible XSS using titles of custom snapins

Komponente User interface
Titel Fix possible XSS using titles of custom snapins
Datum 27.09.2019
Checkmk Edition Checkmk Raw (CRE)
Checkmk-Version 1.6.0p3 2.0.0i1
Level Kleine Änderung
Klasse Sicherheitsfix
Kompatibilität Kompatibel - benötigt kein manuelles Eingreifen

Authenticated users that are allowed to configure and share custom snapins could inject arbitrary JS code to all users which are permitted to view this snapin.

Zur Liste aller Werks