[2.1.0] Checkmk Werk 17059 created: Escape user input on load failure of visuals

Title: Escape user input on load failure of visuals Class: security Compatible: compat Component: multisite Date: 1719397057 Edition: cre Level: 1 Version: 2.1.0p45 An attacker could create phishing links that take Checkmk users to their Checkmk installation and lure them into a malicious link if a visual (view/dashboard/report) did not exist. <em>Affected Versions</em>: LI: 2.3.0 LI: 2.2.0 LI: 2.1.0 LI: 2.0.0 (EOL) <em>Vulnerability Management</em>: We have rated the issue with a CVSS Score of <4.3 (Medium)> with the following CVSS vector: <code>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N</code> and assigned CVE <code>CVE-2024-38857</code>.