← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-41265 — Actively Exploited: Sense (Qlik)

Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.

CVE IDCVE-2023-41265
VendorQlik
ProductSense
Vulnerability nameQlik Sense HTTP Tunneling Vulnerability
Date added2023-12-07
Remediation due2023-12-28
Known ransomware useKnown
Required actionApply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
DescriptionQlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →