Werk #6568: Fixed possible XSS on custom icon management page
Komponente | Setup |
Titel | Fixed possible XSS on custom icon management page |
Datum | 13.09.2018 |
Checkmk Edition | Checkmk Raw (CRE) |
Checkmk-Version | 1.4.0p36 1.5.0p5 1.6.0b1 |
Level | Kleine Änderung |
Klasse | Sicherheitsfix |
Kompatibilität | Kompatibel - benötigt kein manuelles Eingreifen |
Using icons with specific names it was possible to trigger an XSS on the icon administration page which only affected admin users.