CVE-2023-41266CISA KEVEPSS p99.7%

CVE-2023-41266Qlik Sense Path Traversal Vulnerability

Qlik / Sense

Description

Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted HTTP requests. This anonymous session could allow the attacker to send further requests to unauthorized endpoints.

Scoring

EPSS84.97% probability of exploitation · percentile 99.7% · 2026-06-17T12:03:21Z

CISA KEV entry

Added to KEV: 2023-12-07

(incoming)1

TypeTargetConfidenceTier
KEVEntryQlik Sense Path Traversal Vulnerabilitykev-cve-2023-412660%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Qlik Sense HTTP Tunneling Vulnerability
CVE
Grafana Path Traversal Vulnerability
CVE
SysAid Server Path Traversal Vulnerability
CVE
Apache OFBiz Path Traversal Vulnerability
CVE
CVE-2025-9713
CVE
CVE-2025-11366
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.