THREATOPS
THREAT OPSCVEs › CVE-2023-41266

CVE-2023-41266 — Qlik Sense Path Traversal Vulnerability

CISA KEVExploited: confirmedQlik

Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted HTTP requests. This anonymous session could allow the attacker to send further requests to unauthorized endpoints.

Vulnerability details