Werk #6610: Fixed possible XSS using the dokuwiki snapin

Komponente User interface
Titel Fixed possible XSS using the dokuwiki snapin
Datum 13.09.2018
Checkmk Edition Checkmk Raw (CRE)
Checkmk-Version 1.4.0p36 1.5.0p5 1.6.0b1
Level Kleine Änderung
Klasse Sicherheitsfix
Kompatibilität Kompatibel - benötigt kein manuelles Eingreifen

The content of the DokuWiki page named "sidebar" was inserted into the DokuWiki view of Check_MK, but was is not correctly sanitized. This can only be done by an administrator of the page, but every user who can access the DokuWiki view was affected by the vulnerability.

Zur Liste aller Werks