Werk #6612: Fixed possible reflected XSS using back URLs in view editor
Komponente | User interface |
Titel | Fixed possible reflected XSS using back URLs in view editor |
Datum | 14.09.2018 |
Checkmk Edition | Checkmk Raw (CRE) |
Checkmk-Version | 1.4.0p36 1.5.0p5 1.6.0b1 |
Level | Kleine Änderung |
Klasse | Sicherheitsfix |
Kompatibilität | Kompatibel - benötigt kein manuelles Eingreifen |
The parameter back of the following requests is vulnerable to reflected XSS. This vulnerability affects the create/modify view page and requires at least guest privileges. The victim has to click on the back button to trigger the injected code.