Werk #11501: Fix possible XSS using titles of views

Komponente GUI
Titel Fix possible XSS using titles of views
Datum 20.10.2020
Checkmk-Editon Checkmk Raw (CRE)
Checkmk-Version 1.6.0p19 2.0.0i1
Level Kleine Änderung
Klasse Sicherheitsfix
Kompatibilität Kompatibel - benötigt kein manuelles Eingreifen

Authenticated users that are allowed to configure and share custom views could inject arbitrary JS code to all users which are permitted to view this view.

Zur Liste aller Werks