Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 6e578cbf62dcebe801706c340a9907f8e2389fd6 https://github.com/tribe29/checkmk/commit/6e578cbf62dcebe801706c340a9907f8e… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2019-09-27 (Fri, 27 Sep 2019) Changed paths: A .werks/10242 M cmk/gui/plugins/sidebar/wato.py M cmk/gui/sidebar.py Log Message: ----------- 10242 SEC Fix possible XSS using titles of custom snapins Authenticated users that are allowed to configure and share custom snapins could inject arbitrary JS code to all users which are permitted to view this snapin. Change-Id: Idf3bdefb168f0bdc22155f0cc76b1cc865898c4f Commit: ed8f2fdff829c0a2acae30dea998fee6c4a69f79 https://github.com/tribe29/checkmk/commit/ed8f2fdff829c0a2acae30dea998fee6c… Author: Lars Michelsen <lm(a)tribe29.com> Date: 2019-09-27 (Fri, 27 Sep 2019) Changed paths: M cmk_base/check_utils.py M cmk_base/discovery.py Log Message: ----------- Improve error message in case of invalid check parameters Change-Id: Ib19cbb5b9320b49707f05a0173e9045bee70edef Compare: https://github.com/tribe29/checkmk/compare/5142de3ba525...ed8f2fdff829