cvedb.io
CVE-2015-3623
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2015-09-16T18:59:02.957 · Last modified 2026-06-17T00:25:59.687

Summary

XML external entity (XXE) vulnerability in QlikTech Qlikview before 11.20 SR12 allows remote attackers to conduct server-side request forgery (SSRF) attacks and read arbitrary files via crafted XML data in a request to AccessPoint.aspx.

Affected products

qlik — qlikview

Does this affect you?

Add your gear to cvedb and we'll alert you only when qlik ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.