Branch: refs/heads/1.6.0
Home:
https://github.com/tribe29/checkmk
Commit: 924ceff011fbeecea5c808a121ce7fdded5833a8
https://github.com/tribe29/checkmk/commit/924ceff011fbeecea5c808a121ce7fdde…
Author: Tom Baerwinkel <tom.baerwinkel(a)tribe29.com>
Date: 2021-05-12 (Wed, 12 May 2021)
Changed paths:
A .werks/12762
M cmk/gui/plugins/wato/utils/__init__.py
M cmk/gui/valuespec.py
M cmk/gui/wato/mkeventd.py
M cmk/gui/wato/pages/ldap.py
Log Message:
-----------
Fix several XSS issues
* JavaScript was executed in the rule overview if a script
was entered in the Text to match of EC rules.
* JavaScript was executed if scripts were entered in the LDAP
server and failover server and "Save & Test" was clicked
* JavaScript was executed in the notification rules if sripts
were entered in the the title and topic of aux tags and tags.
FEED-6031
Change-Id: Iffe715253df45434e850fb1c571d41392c68a26c