back to website

Werk #1873: Escaping event text of Event Console messages correctly in views

Component Event Console
Title Escaping event text of Event Console messages correctly in views
Date Jan 20, 2015
Level Trivial Change
Class Security Fix
Compatibility Compatible - no manual interaction needed
Checkmk versions & editions
1.2.7i1 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)

Event texts of messages which have been processed by the Event Console and resulted in a event might contain HTML code which is now escaped correctly to prevent XSS attacks when shown in the Event Console views.

To the list of all Werks

The Checkmk logo (formerly known as Check_MK) is a trademark of Checkmk GmbH. ©2025 Checkmk GmbH. All rights reserved.

Join our Checkmk Conference #12 – the hybrid Monitoring Community event in Munich, on June 16-18 – to explore new Checkmk features, best practices, and our roadmap.

Register now