CVE advisoryKnown Exploit
CVE-2023-48365
Qlik Sense Allows Remote Code Execution
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in Qlik Sense Enterprise for Windows allows unauthenticated remote code execution by improperly validating HTTP headers. This enables attackers to tunnel HTTP requests, escalate privileges, and execute code on the backend server, posing a risk to data integrity and business operations.