5.4
CVSSv3

CVE-2024-13722

CVSSv4: NA | CVSSv3: 5.4 | CVSSv2: NA | VMScore: 640 | EPSS: 0.00045 | KEV: Not Included
Published: 04/02/2025 Updated: 06/02/2025

Vulnerability Summary

Reflected Cross-Site Scripting Vulnerability in Checkmk NagVis Component

A Cross Site Scripting (XSS) vulnerability exists in the NagVis component of Checkmk. This vulnerability allows an attacker to create a malicious link that can execute arbitrary JavaScript in a user's browser. The attack works for both authenticated and unauthenticated users, meaning any user who clicks the crafted link can be targeted by the XSS attack.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

checkmk nagvis

Mailing Lists

KL-001-2025-001: Checkmk NagVis Reflected Cross-site Scripting Title: Checkmk NagVis Reflected Cross-site Scripting Advisory ID: KL-001-2025-001 Publication Date: 2025-02-04 Publication URL: korelogiccom/Resources/Advisories/KL-001-2025-001txt 1 Vulnerability Details      Affected Vendor: Checkmk   &nbsp ...
KL-001-2025-001: Checkmk NagVis Reflected Cross-site Scripting Title: Checkmk NagVis Reflected Cross-site Scripting Advisory ID: KL-001-2025-001 Publication Date: 2025-02-04 Publication URL: korelogiccom/Resources/Advisories/KL-001-2025-001txt 1 Vulnerability Details      Affected Vendor: Checkmk   &nbsp ...