CVE-2023-41266: Qlik Sense Path Traversal Vulnerability. Qlik Sense

Qlik Sense Path Traversal Vulnerability. Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted HTTP requests. This anonymous session could allow the attacker to send further requests to unauthorized endpoints.

• CISA KEV-listed (remediation due 2023-12-28)
• used in ransomware campaigns
• EPSS 94.2% (99.9% percentile)

Browse the CVE database

Read the full analysis on IntelFusions