Check_MK Werk 6620: Fixed missing CSRF protection for site status AJAX calls

18 Sep 2018

ID:          6620
Title:       Fixed missing CSRF protection for site status AJAX calls
Component:   Multisite
Level:       1
Class:       Security fix
Version:     1.6.0i1

The AJAX calls used by the site status snapin were not correctly using
CSRF tokens to protect logged in users against malicious links that could
trigger actions.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Check_MK Werk 6620: Fixed missing CSRF protection for site status AJAX calls