[checkmk-commits] [tribe29/checkmk] c41f7b: 13148 SEC Fix stored XSS in description fields

19 Aug 2021

  Branch: refs/heads/2.0.0
  Home:   https://github.com/tribe29/checkmk
  Commit: c41f7bcfdecdbe30bf2651dbd54b1174350c79cd
      https://github.com/tribe29/checkmk/commit/c41f7bcfdecdbe30bf2651dbd54b11743…
  Author: Tom Baerwinkel &lt;tom.baerwinkel(a)tribe29.com&gt;
  Date:   2021-08-19 (Thu, 19 Aug 2021)

  Changed paths:
    A .werks/13148
    M cmk/gui/pagetypes.py
    M cmk/gui/visuals.py

  Log Message:
  -----------
  13148 SEC Fix stored XSS in description fields

Users with the permission to add/edit items in the custmize menu (views, topics,
etc.) could trigger stored XSS in the overview page.

FEED-6322

Change-Id: I1102afcbaa6a681460b7ce1d87127b9f9843435f

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

[checkmk-commits] [tribe29/checkmk] c41f7b: 13148 SEC Fix stored XSS in description fields