Werk #1873: Escaping event text of Event Console messages correctly in views
| Component | Event Console | ||
| Title | Escaping event text of Event Console messages correctly in views | ||
| Date | Jan 20, 2015 | ||
| Level | Trivial Change | ||
| Class | Security Fix | ||
| Compatibility | Compatible - no manual interaction needed | ||
| Checkmk versions & editions |
|
Event texts of messages which have been processed by the Event Console and resulted in a event might contain HTML code which is now escaped correctly to prevent XSS attacks when shown in the Event Console views.