Описание
In Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed in 1.6.0p28, the title of a Predefined condition is not properly escaped when shown as condition, which can result in Cross Site Scripting (XSS).
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| trusty | ignored | end of standard support |
| upstream | released | 2.0.0p20, 1.6.0p28 |
| xenial | ignored | end of standard support |
Показывать по
3.5 Low
CVSS2
5.4 Medium
CVSS3
Связанные уязвимости
In Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed in 1.6.0p28, the title of a Predefined condition is not properly escaped when shown as condition, which can result in Cross Site Scripting (XSS).
In Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed i ...
In Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed in 1.6.0p28, the title of a Predefined condition is not properly escaped when shown as condition, which can result in Cross Site Scripting (XSS).
3.5 Low
CVSS2
5.4 Medium
CVSS3