Werk #6613: Fixed multiple reflected XSS in affecting sidebar snapin AJAX calls
| Component | User interface | ||||||
| Title | Fixed multiple reflected XSS in affecting sidebar snapin AJAX calls | ||||||
| Date | Sep 14, 2018 | ||||||
| Level | Trivial Change | ||||||
| Class | Security Fix | ||||||
| Compatibility | Compatible - no manual interaction needed | ||||||
| Checkmk versions & editions |
|
Multiple parameters of several snapin AJAX calls were vulnerable to reflected XSS. The speedometer is accessible to all users with at least monitoring privileges.