CVE-2022-24564

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-24564

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24564.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-24564

Published

2022-02-21T23:15:07.717Z

Modified

2026-04-10T04:45:27.544905Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Checkmk <=2.0.0p19 contains a Cross Site Scripting (XSS) vulnerability. While creating or editing a user attribute, the Help Text is subject to HTML injection, which can be triggered for editing a user.

References

https://checkmk.com/werk/13199

Affected packages

Git / github.com/checkmk/checkmk

Affected ranges

Type

GIT

Repo

https://github.com/checkmk/checkmk

Events

Introduced

Last affected

a08e390df0ae711bbee6fbdd0d32da1452918ae3

Introduced

Last affected

a21f44d5ed8ad8c40784e6c68faf597d7e45a949

Introduced

Last affected

6d2dbf92cfa5a81748474d25c363580149b0f2f1

Introduced

Last affected

715a3481d11141310265e2144e29271bfb4e6ef2

Introduced

Last affected

3097f9c57877fe7651d8c2a46e648a28cf920ed6

Introduced

Last affected

81ef39b47302619a5b4ff268a9cd0576b75e7bcb

Introduced

Last affected

a95de6e2902e809b0fe81105b56977603d9fb240

Introduced

Last affected

3a98f74ec242670d49ac7fec02d99fe98473500a

Introduced

Last affected

b23e1322930e36d532c7a4d339221681debad59b

Introduced

Last affected

a21f44d5ed8ad8c40784e6c68faf597d7e45a949

Introduced

Last affected

a21f44d5ed8ad8c40784e6c68faf597d7e45a949

Introduced

Last affected

df41d340f4846d8c56fc59dc66aa75eea1982267

Introduced

Last affected

684d45dd10dc01d4c8832a57143e01f99648935c

Introduced

Last affected

732c7bf20e0494dab8adf1bcd33050c12152953a

Introduced

Last affected

a7e983abbae3f5e5e76597fcf514f27496c6b8af

Introduced

Last affected

9a6a31d750f2ce84318fb060edc2ce773e6ff40f

Introduced

Last affected

3e6d79677aeebabb6ba079026a06736b5ce6ece1

Introduced

Last affected

6eb3b5bc4955858e31cdfb55d54dd73596fda235

Introduced

Last affected

8b5aced3bb5522033e47d88084ca781a8564a988

Introduced

Last affected

1072c2466449c89ab730e2d8edd9b0115f2866fe

Introduced

Last affected

484ded389cf62414abc10f16894abed01da8e4d2

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-NA"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-b1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-b2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-b3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-b4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-b5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-b6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-b7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-b8"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-i1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-p1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-p10"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-p11"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-p12"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-p13"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-p14"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-p15"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-p16"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-p17"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-p18"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-p19"
        }
    ]
}

Affected versions

1.*

1.1.0beta17

v1.*

v1.1.0

v1.1.10

v1.1.10b1

v1.1.10b2

v1.1.11i1

v1.1.11i2

v1.1.11i3

v1.1.13i2

v1.1.13i3

v1.1.2

v1.1.3

v1.1.4

v1.1.6

v1.1.6b2

v1.1.7i2

v1.1.7i3

v1.1.7i4

v1.1.7i5

v1.1.8

v1.1.8b1

v1.1.8b2

v1.1.8b3

v1.1.9i1

v1.1.9i3

v1.1.9i4

v1.1.9i5

v1.1.9i7

v1.1.9i8

v1.1.9i9

v1.2.0b2

v1.2.0b3

v1.2.0b4

v1.2.0p1

v1.2.1i5

v1.2.3i4

v1.2.3i5

v1.2.3i6

v1.2.5i1

v1.2.5i6

v1.4.0i1

v1.4.0i2

v1.4.0i3

v1.5.0i1

v1.5.0i2

v1.5.0i3

v1.6.0b1

v2.*

v2.0.0

v2.0.0b1

v2.0.0b2

v2.0.0b3

v2.0.0b4

v2.0.0b5

v2.0.0b6

v2.0.0b7

v2.0.0i1

v2.0.0p1

v2.0.0p10

v2.0.0p11

v2.0.0p12

v2.0.0p13

v2.0.0p14

v2.0.0p15

v2.0.0p16

v2.0.0p17

v2.0.0p18

v2.0.0p19

v2.0.0p3

v2.0.0p4

v2.0.0p5

v2.0.0p6

v2.0.0p7

v2.0.0p8

v2.0.0p9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24564.json"