Checkmk Werk 12826: Fix reflected XSS using the on page search

28 Apr 2021

ID:          12826
Title:       Fix reflected XSS using the on page search
Component:   Multisite
Level:       1
Class:       Security fix
Version:     2.1.0i1

The on page search could be used to trigger a reflected XSS attack.  It was
possible to execute arbitrary javascript code in the context of the user
clicking on the reset button of the on page search.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Checkmk Werk 12826: Fix reflected XSS using the on page search