CVE-2025-64999 – Cross-site scripting in HTML logs of Synthetic Monitoring test services

CVE ID : CVE-2025-64999

Published : Feb. 26, 2026, 10:26 a.m. | 44 minutes ago

Description : Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host’s check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-28138 – WordPress uListing plugin

CVE-2026-28136 – WordPress WP SMS plugin

CVE-2026-28132 – WordPress WooCommerce Photo Reviews plugin

CVE-2026-28131 – WordPress Elementor Addon Elements plugin