PT-2023-18400 · Checkmk · Checkmk
Published
2023-03-20
·
Updated
2024-07-23
·
CVE-2023-22288
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Checkmk versions 1.6.0 and earlier
Checkmk versions 2.0.0p1 through 2.0.0p34
Checkmk versions 2.1.0p1 through 2.1.0p23
Description
The issue allows an authenticated attacker to inject malicious HTML into emails.
Recommendations
For Checkmk version 1.6.0, update to a version later than 1.6.0.
For Checkmk versions 2.0.0p1 through 2.0.0p34, update to a version later than 2.0.0p34.
For Checkmk versions 2.1.0p1 through 2.1.0p23, update to a version later than 2.1.0p23.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Checkmk