Cross-Site Scripting Vulnerability in Checkmk by tribe29
CVE-2026-8833
8.5HIGH
What is CVE-2026-8833?
A flaw in the URL validation function of Checkmk allows authenticated users to craft malicious URLs, including javascript: URIs. This bypasses standard URL validation measures, leading to the potential execution of cross-site scripting attacks when other users interact with the compromised links. This vulnerability affects multiple versions of the Checkmk product, underscoring the need for prompt remediation and robust security practices.
Affected Version(s)
Checkmk 2.5.0 < 2.5.0p5
Checkmk 2.4.0 < 2.4.0p31
Checkmk 2.3.0 < 2.3.0p48
