Download

Werk #2390: Fixed possible XSS issue on views

Component User interface
Title Fixed possible XSS issue on views
Date Jun 30, 2015
Checkmk Edition Checkmk Raw (CRE)
Checkmk Version 1.2.7i3
Level Trivial Change
Class Security Fix
Compatibility Compatible - no manual interaction needed

It was possible to use the view_name variable to inject HTML/Javascript code into the status GUI views.

To the list of all Werks

See it yourself

Try out Checkmk now.

Get the Raw Edition Free and open source monitoring
Play with Checkmk Try Checkmk without installing