back to website

Werk #13719: Remove report element "Paragraph of text fetched via HTTP(s)"

Component Reporting & availability
Title Remove report element "Paragraph of text fetched via HTTP(s)"
Date Feb 9, 2022
Level Trivial Change
Class Security Fix
Compatibility Incompatible - Manual interaction might be required
Checkmk versions & editions
2.1.0b1 Checkmk Enterprise (CEE), Checkmk MSP (CME)
2.0.0p20 Checkmk Enterprise (CEE), Checkmk MSP (CME)

In previous versions one could add text from foreign websites into reports. Paragraph of text fetched via HTTP(s) The functionality was very limited since no parsing was done. This functionality broke with version 2.0.0.

Additionally this could enable a malicious actor to retrieve sensitive information from systems accessible to the Checkmk server (SSRF). Therefore the functionality is removed.

Existing report elements of type Paragraph of text fetched via HTTP(s) will be converted to Paragraph of text elements with text refering to the URL. Unfortunately no macros will be resolved.

To the list of all Werks

The Checkmk logo (formerly known as Check_MK) is a trademark of Checkmk GmbH. ©2025 Checkmk GmbH. All rights reserved.

Join our hybrid Monitoring Community event from May 20-22 in Munich and learn more about the latest Checkmk features and our roadmap at the Checkmk Conference #11

Register now