Werk #5427: Fixed different XSS issues triggerd from BI aggregation/rule titles/descriptions

KomponenteBI
TitelFixed different XSS issues triggerd from BI aggregation/rule titles/descriptions
Datum2017-10-27 15:47:59
Checkmk EditionCheckmk Raw Edition (CRE)
Checkmk Version1.4.0p17,1.5.0i1
LevelTrivial Change
KlasseSecurity Fix
KompatibilitätKompatibel - benötigt kein manuelles Eingreifen

Different fields in the BI configuration (titles, ...) could be used to inject JS code into the WATO dialogs and the BI status views. This could be triggered by users with permission to administrate WATO.