216.73.217.139

CVE-2023-41266

· Published 07/12/2023 01:00 · Modified 21/12/2025 03:42 · Author: Cybersecurity and Infrastructure Security Agency

Labels: CVE-2023-41266

Essential information

Published
07/12/2023 01:00
Modified
21/12/2025 03:42
Author
Cybersecurity and Infrastructure Security Agency
Creator
Cybersecurity and Infrastructure Security Agency
CVSS
8.2 HIGH (v3.1)
CISA KEV
Yes
CWE
CVSS vector
CVSS:3.1/AV:N/C:H/I:L/A:N

CVSS metrics

Description

Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted HTTP requests. This anonymous session could allow the attacker to send further requests to unauthorized endpoints.

NVD status

NVD
View on NVD