Checkmk werks security July 2014

checkmk-werks-sec@lists.checkmk.com

1 participants
3 discussions

Check_MK Werk 1062: Fixed several XSS issues on different pages

by Lars Michelsen

ID: 1062 Title: Fixed several XSS issues on different pages Component: Multisite Level: 2 Class: Security Fix Version: 1.2.5i5 Some pages, like the views and prediction pages missed to escape values provided by the user.

9 years, 10 months

Check_MK Werk 1063: Fixed several XSS issues on different pages

by Lars Michelsen

ID: 1063 Title: Fixed several XSS issues on different pages Component: Multisite Level: 2 Class: Security Fix Version: 1.2.5i5 Several pages like views and prediction pages missed to escape user provided values before writing them back on the pages.

9 years, 10 months

Check_MK Werk 1052: index start URL can not be used to redirect to absolute URLs anymore

by Lars Michelsen

ID: 1052 Title: index start URL can not be used to redirect to absolute URLs anymore Component: Multisite Level: 1 Class: Security Fix Version: 1.2.5i5 An attacker could make a user open up an URL to a compromised website which the does not want to open index.py?start_url=http://(url to compromised URL).

9 years, 10 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

Checkmk werks security July 2014