CVE-2023-41266CISA KEV: Actively Exploited

Qlik Sense Path Traversal Vulnerability

Published Dec 7, 2023·Updated Dec 7, 2023

Description

Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted HTTP requests. This anonymous session could allow the attacker to send further requests to unauthorized endpoints.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free