Download

Werk #2386: Fixed possible XSS on WATO rule edit page

Component Setup
Title Fixed possible XSS on WATO rule edit page
Date Jun 30, 2015
Level Trivial Change
Class Security Fix
Compatibility Compatible - no manual interaction needed
Checkmk versions & editions
1.2.7i3 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)

A possible XSS injection has been fixed on the rule edit page of WATO. It was possible to inject javascript code using the HTTP parameters the page is processing.

To the list of all Werks

See it yourself

Try out Checkmk now.

Get the Raw Edition Free and open source monitoring
Play with Checkmk Try Checkmk without installing