Vulnerabilities > Qlik > Qlik Sense > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-15 CVE-2023-48365 HTTP Request Smuggling vulnerability in Qlik Sense
Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683.
network
low complexity
qlik CWE-444
critical
9.9
2023-08-29 CVE-2023-41265 HTTP Request Smuggling vulnerability in Qlik Sense
An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunneling HTTP requests in the raw HTTP request.
network
low complexity
qlik CWE-444
critical
9.9