Check_MK Werk 6619: Fixed missing CSRF protection for master control AJAX calls

18 Sep 2018

ID:          6619
Title:       Fixed missing CSRF protection for master control AJAX calls
Component:   Multisite
Level:       1
Class:       Security fix
Version:     1.6.0i1

The AJAX calls used by the master control snapin were not correctly using
CSRF tokens to protect logged in users against malicious links that could
trigger actions.

CMK-963

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Check_MK Werk 6619: Fixed missing CSRF protection for master control AJAX calls