[//]: # (werk v2) # Escape user input on load failure of visuals key | value ---------- | --- date | 2024-06-26T10:17:37+00:00 version | 2.3.0p8 class | security edition | cre component | multisite level | 1 compatible | yes An attacker could create phishing links that take Checkmk users to their Checkmk installation and lure them into a malicious link if a visual (view/dashboard/report) did not exist. <em>Affected Versions</em>: LI: 2.3.0 LI: 2.2.0 LI: 2.1.0 LI: 2.0.0 (EOL) <em>Vulnerability Management</em>: We have rated the issue with a CVSS Score of <4.3 (Medium)> with the following CVSS vector: <code>CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N</code> and assigned CVE <code>CVE-2024-38857</code>.