Checkmk Werk 10242: Fix possible XSS using titles of custom snapins

27 Sep 2019

ID:          10242
Title:       Fix possible XSS using titles of custom snapins
Component:   Multisite
Level:       1
Class:       Security fix
Version:     1.7.0i1

Authenticated users that are allowed to configure and share custom snapins
could inject arbitrary JS code to all users which are permitted to view this
snapin.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

Checkmk Werk 10242: Fix possible XSS using titles of custom snapins