Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows Checkmk users to execute arbitrary scripts by injecting HTML elements into some user input fields that are shown in a confirmation pop-up.
References
Link | Resource |
---|---|
https://checkmk.com/werk/17025 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Checkmk
Published: 2024-06-25T11:45:27.259Z
Updated: 2024-06-28T15:15:14.287Z
Reserved: 2024-03-11T13:21:43.122Z
Link: CVE-2024-28831
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-25T12:15:09.490
Modified: 2024-06-25T12:24:17.873
Link: CVE-2024-28831
JSON object: View
Redhat Information
No data.
CWE