← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-48365 — Actively Exploited: Sense (Qlik)

Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.

CVE IDCVE-2023-48365
VendorQlik
ProductSense
Vulnerability nameQlik Sense HTTP Tunneling Vulnerability
Date added2025-01-13
Remediation due2025-02-03
Known ransomware useKnown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionQlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →