Medium CVE-2026-8078 Stored cross-site scripting in the global settings change log in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an administrator who can change global settings to store malicious HTML or JavaScript in changelog messages that executes in other users'...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[Medium] CVE-2026-8078 – Stored cross-site scripting in the global settings change log in Checkmk <2.5.0p...

VERWANDTEARTIKEL

Check Point VPN 0-day Vulnerability Exploited in the Wild to Deploy Ransomware

CVE-2026-25555 - OpenBullet2 0.3.2 Authentication Bypass via X-Api-Key Header

CVE-2026-25559 - OpenBullet2 0.3.2 Path Traversal via Wordlist Endpoint

CVE-2026-25856 - OpenBullet2 0.3.2 Authenticated RCE via Job Configuration Interface

CVE-2026-25855 - OpenBullet2 0.3.2 Authenticated RCE via FileProxySource Script Upload

CVE-2026-49755 - Decompression bomb DoS in Req via auto-decoded archive and compressed response bodies