Werk #5427: Fixed different XSS issues triggerd from BI aggregation/rule titles/descriptions

Component BI
Title Fixed different XSS issues triggerd from BI aggregation/rule titles/descriptions
Date Oct 27, 2017
Checkmk Edition Checkmk Raw (CRE)
Checkmk Version 1.4.0p17 1.5.0i1
Level Trivial Change
Class Security Fix
Compatibility Compatible - no manual interaction needed

Different fields in the BI configuration (titles, ...) could be used to inject JS code into the WATO dialogs and the BI status views. This could be triggered by users with permission to administrate WATO.

To the list of all Werks