Qlik Qlik_sense
7 CVEs affecting Qlik Qlik_sense. Latest disclosed: 2025-11-20. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-48365 | Critical | 9.6 | 2023-11-15 | Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation of HTTP hea… |
CVE-2023-41265 | Critical | 9.6 | 2023-08-29 | An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier… |
CVE-2023-41266 | High | 8.2 | 2023-08-29 | A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, Novembe… |
CVE-2019-11628 | High | 8.2 | 2019-05-01 | An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterpr… |
CVE-2025-61138 | High | 7.5 | 2025-11-20 | Qlik Sense Enterprise v14.212.13 was discovered to contain an information leak via the /dev-hub/ directory. |
CVE-2021-36761 | Medium | 5.3 | 2022-06-21 | The GeoAnalytics feature in Qlik Sense April 2020 patch 4 allows SSRF. |
CVE-2022-0564 | Medium | 5.3 | 2022-02-21 | A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. An attacker could exploit this vulnerabil… |