Check_MK Werk 5427: Fixed different XSS issues triggerd from BI aggregation/rule titles/descriptions

27 Oct 2017

ID:          5427
Title:       Fixed different XSS issues triggerd from BI aggregation/rule
titles/descriptions
Component:   BI
Level:       1
Class:       Security fix
Version:     1.5.0i1

Different fields in the BI configuration (titles, ...) could be used to inject JS code
into the WATO dialogs and the BI status views. This could be triggered by users with
permission to administrate WATO.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Check_MK Werk 5427: Fixed different XSS issues triggerd from BI aggregation/rule titles/descriptions