Lucene search
K

6 matches found

Packet Storm
Packet Storm
added 2026/03/02 12:0 a.m.148 views

📄 Checkmk 2.4.0p21 Cross Site Scripting

Checkmk suffers from a persistent cross site scripting vulnerability. Versions affected include 2.4.0 before 2.4.0p22 and 2.3.0 before 2.3.0p43. ============================================================================================================================================= | Title :...

7.3CVSS5.3AI score0.00141EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/02/27 7:44 p.m.7 views

CVE-2025-64999

Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link...

7.3CVSS5.9AI score0.00141EPSS
Exploits1References1
NVD
NVD
added 2026/02/26 11:16 a.m.20 views

CVE-2025-64999

Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link...

7.3CVSS0.00141EPSS
Exploits1References2
OSV
OSV
added 2026/02/26 10:26 a.m.5 views

CVE-2025-64999 Cross-site scripting in HTML logs of Synthetic Monitoring test services

Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link...

7.3CVSS5.9AI score0.00141EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/26 10:26 a.m.7 views

CVE-2025-64999

Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link...

7.3CVSS5.4AI score0.00141EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.13 views

Checkmk 安全漏洞

Checkmk is an IT monitoring platform developed by Checkmk Corporation. Versions of Checkmk prior to 2.4.0p22 and 2.3.0p43 contained security vulnerabilities. These vulnerabilities were due to improper input handling, which could allow attackers to inject malicious JavaScript into the Synthetic...

7.3CVSS5.8AI score0.00141EPSS
Exploits1References2
Rows per page
Query Builder