CVE-2025-39663 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Cross-Site Scripting (XSS) vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs…
High CVSS: 8.5

CVE-2025-39663

Cross-Site Scripting (XSS) vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 (eol).
Vendor
Checkmk
Product
Checkmk
CWE
CWE-80
Yayın Tarihi
2025-10-30 11:15:32
Güncelleme
2025-12-03 20:06:16
Source Identifier
security@checkmk.com
KEV Date Added
-

Kategoriler

CWE-80 Checkmk HIGH Checkmk 2025

Referanslar

https://checkmk.com/werk/17998 https://github.com/sbaresearch/advisories/tree/82fd27e4570433464c30b35150b197db9a850f4e/2025/SBA-ADV-20250729-01_Checkmk_Cross_Site_Scripting http://seclists.org/fulldisclosure/2025/Nov/0 https://github.com/sbaresearch/advisories/tree/82fd27e4570433464c30b35150b197db9a850f4e/2025/SBA-ADV-20250729-01_Checkmk_Cross_Site_Scripting