Checkmk is an editor. A cross-site scripting vulnerability exists in Checkmk, which stems from Checkmk version <= 2.0.0p19. When creating or editing user properties, Help Text is affected by HTML injection, which can be triggered when editing a user. An attacker could use this vulnerability to execute client-side code.