Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

query on "public" parameter value when requesting QvsViewClient.aspx

Hi,

During the recent vulnerability test we conducted on QlikVIew (v11 SR2) access point URL, we have noticed that "the payload ]]>> was appended to the value of the public parameter". This seems to be a potential XML Injection.

I have no clue on what is this and how is it getting appended to the public parameter?

Did any of you come across this?

Regards,

Murali

0 Replies