Werk #1873: Escaping event text of Event Console messages correctly in views
Component | Event Console | ||
Title | Escaping event text of Event Console messages correctly in views | ||
Date | Jan 20, 2015 | ||
Level | Trivial Change | ||
Class | Security Fix | ||
Compatibility | Compatible - no manual interaction needed | ||
Checkmk versions & editions |
|
Event texts of messages which have been processed by the Event Console and resulted in a event might contain HTML code which is now escaped correctly to prevent XSS attacks when shown in the Event Console views.