Explore the latest product updates and best practices at our hybrid Checkmk Conference #12 from June 16-18, 2026 – Register here
back to website

Werk #2390: Fixed possible XSS issue on views

Component User interface
Title Fixed possible XSS issue on views
Date Jun 30, 2015
Level Trivial Change
Class Security Fix
Compatibility Compatible - no manual interaction needed
Checkmk versions & editions
1.2.7i3 Checkmk Community, Checkmk Pro, Checkmk Ultimate MT

It was possible to use the view_name variable to inject HTML/Javascript code into the status GUI views.

To the list of all Werks