Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

ATTACKERKB
ATTACKERKBadded 2023/11/15 12:0 a.m.24 views

CVE-2023-48365

Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation of HTTP headers, a remote attacker is able to elevate their privilege by tunneling HTTP requests, allowing them to execute HTTP requests on the backe...

9.9CVSS8.1AI score0.92414EPSS
In wildExploits0References2
CVE
CVEadded 2023/11/15 12:0 a.m.242 views

CVE-2023-48365

CVE-2023-48365 affects Qlik Sense Enterprise for Windows. The issue arises from improper validation of HTTP headers, enabling an unauthenticated remote attacker to tunnel HTTP requests and execute them on the backend server hosting the repository application (RCE potential). This vulnerability is...

9.9CVSS9.9AI score0.51735EPSS
In wildExploits0References2Affected Software1
Rows per page
Query Builder