ID: 13719 Title: Remove report element "Paragraph of text fetched via HTTP(s)" Component: Reporting & Availability Level: 1 Class: Security fix Version: 2.1.0i1 In previous versions one could add text from foreign websites into reports. <i>Paragraph of text fetched via HTTP(s)</i> The functionality was very limited since no parsing was done. This functionality broke with version 2.0.0. Additionally this could enable a malicious actor to retrieve sensitive information from systems accessible to the Checkmk server (SSRF). Therefore the functionality is removed. Existing report elements of type <i>Paragraph of text fetched via HTTP(s)</i> will be converted to <i>Paragraph of text</i> elements with text refering to the URL. Unfortunately no macros will be resolved.