CVE-2023-41265: Qlik Sense HTTP Tunneling Vulnerability. Qlik Sense
Qlik Sense HTTP Tunneling Vulnerability. Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.
- CISA KEV-listed (remediation due 2023-12-28)
- used in ransomware campaigns
- EPSS 92.4% (99.7% percentile)