back to website

Werk #2390: Fixed possible XSS issue on views

Component User interface
Title Fixed possible XSS issue on views
Date Jun 30, 2015
Level Trivial Change
Class Security Fix
Compatibility Compatible - no manual interaction needed
Checkmk versions & editions
1.2.7i3
Not yet released 		Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.7i3
Not yet released 		Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.7i3
Not yet released 		Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.7i3
Not yet released 		Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.7i3
Not yet released 		Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.7i3
Not yet released 		Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.7i3
Not yet released 		Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.7i3
Not yet released 		Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
1.2.7i3 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)

It was possible to use the view_name variable to inject HTML/Javascript code into the status GUI views.

To the list of all Werks