VYPR
Unrated severityNVD Advisory· Published Jun 25, 2024· Updated Aug 2, 2024

XSS in confirmation pop-up

CVE-2024-28831

Description

Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows Checkmk users to execute arbitrary scripts by injecting HTML elements into some user input fields that are shown in a confirmation pop-up.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Checkmk/Checkmkllm-fuzzy2 versions
    <2.3.0p7, <2.2.0p28+ 1 more
    • (no CPE)range: <2.3.0p7, <2.2.0p28
    • (no CPE)range: 2.3.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.