Security Advisory

CVE-2025-39663

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-30 10:43:08

Last updated 2025-11-07 16:04:27

Assigner Checkmk

State PUBLISHED

Description

Cross-Site Scripting (XSS) vulnerability in Checkmks distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 (eol).

← Browse all CVEs View on cve.org ↗