2 matches found
CVE-2017-11507
A cross site scripting XSS vulnerability exists in CheckMK versions 1.2.8x prior to 1.2.8p25 and 1.4.0x prior to 1.4.0p9, allowing an unauthenticated attacker to inject arbitrary HTML or JavaScript via the outputformat parameter, and the username parameter of failed HTTP basic authentication...
CVE-2017-11507
CVE-2017-11507 affects Check_MK. Vulnerable components: Check_MK versions 1.2.8x prior to 1.2.8p25 and 1.4.0x prior to 1.4.0p9. Root cause: cross-site scripting (XSS) via the output_format parameter and the username theme of failed HTTP Basic authentication attempts, with the injected HTML/JavaSc...