Werk #11501: Fix possible XSS using titles of views
| Komponente | User interface |
| Titel | Fix possible XSS using titles of views |
| Datum | 20.10.2020 |
| Checkmk Edition | Checkmk Raw (CRE) |
| Checkmk-Version | 1.6.0p19 2.0.0i1 |
| Level | Kleine Änderung |
| Klasse | Sicherheitsfix |
| Kompatibilität | Kompatibel - benötigt kein manuelles Eingreifen |
Authenticated users that are allowed to configure and share custom views could inject arbitrary JS code to all users which are permitted to view this view.
