Vulnerabilities > Qlik > Qlik Sense > february.2023
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-15 | CVE-2023-48365 | HTTP Request Smuggling vulnerability in Qlik Sense Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. | 9.9 |
| 2023-08-29 | CVE-2023-41265 | HTTP Request Smuggling vulnerability in Qlik Sense An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunneling HTTP requests in the raw HTTP request. | 9.9 |
| 2023-08-29 | CVE-2023-41266 | Improper Input Validation vulnerability in Qlik Sense A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous session. | 6.5 |