Checkmk 2.0 is here! See what's new.

Werk #2386: Fixed possible XSS on WATO rule edit page

Component WATO
Title Fixed possible XSS on WATO rule edit page
Date Jun 30, 2015
Checkmk Editon Checkmk Raw (CRE)
Checkmk Version 1.2.7i3
Level Trivial Change
Class Security Fix
Compatibility Compatible - no manual interaction needed

A possible XSS injection has been fixed on the rule edit page of WATO. It was possible to inject javascript code using the HTTP parameters the page is processing.

To the list of all Werks