Checkmk is an editor. A cross-site scripting vulnerability exists in Checkmk versions 2.0.0p19 and earlier and 1.6.0p27 and earlier. The vulnerability stems from the failure to properly escape the title of a predefined condition when displayed as a condition, which can be exploited by attackers to execute JavaScript code on the client side.