https://community.qlik.com/t5/QlikView/Application-Security/m-p/1820#M1324301 <HTML><HEAD></HEAD><BODY><P>No</P></BODY></HTML> Fri, 19 Jan 2018 07:46:57 GMT petter 2018-01-19T07:46:57Z https://community.qlik.com/t5/QlikView/Application-Security/m-p/1819#M1324300 <HTML><HEAD></HEAD><BODY><P>Is it secure to expose the application to the web?</P><P></P><P>Using <SPAN style="mso-fareast-language: EN-US; mso-bidi-language: AR-SA; color: #000000; font-size: 9pt; mso-ansi-language: EN-US; font-family: 'Segoe UI',sans-serif; mso-fareast-theme-font: minor-latin; mso-fareast-font-family: Calibri;">QV Version: 12.0.203 with below javascripts:</SPAN></P><P></P><P></P><P><SPAN style="color: #000000; font-family: Courier New;"><SPAN> ITEM ONE:</SPAN></SPAN></P><P></P><P></P><P><SPAN style="font-family: 'Segoe UI',sans-serif; font-size: 9pt;"><SPAN style="color: #000000;"><SPAN style="font-family: courier new,courier;">/qlikview/js/jquerymigrate.min.js Alert group Vulnerable Javascript library Severity Medium</SPAN><BR /></SPAN><SPAN style="font-family: courier new,courier;"><SPAN style="color: #000000;"> Description<BR /> You are using a vulnerable Javascript library. One or more vulnerabilities were reported for this version of the Javascript library. Consult Attack details and Web References for more information about the affected library and the vulnerabilities that were reported. Recommendations Upgrade to the latest version. Alert variants<BR /> Details<BR /> Detected Javascript library jquery-migrate version 1.2.1. The version was detected from file content.<BR /> References:<BR /> </SPAN><A href="http://bugs.jquery.com/ticket/11290" title="Click to follow link: http://bugs.jquery.com/ticket/11290" target="_blank"><SPAN style="color: #0000ff; text-decoration: underline;">http://bugs.jquery.com/ticket/11290</SPAN></A><SPAN style="color: #000000;"> </SPAN><A href="http://research.insecurelabs.org/jquery/test/" title="Click to follow link: http://research.insecurelabs.org/jquery/test/" target="_blank"><SPAN style="color: #0000ff; text-decoration: underline;">http://research.insecurelabs.org/jquery/test/</SPAN></A></SPAN><BR /><SPAN style="font-family: courier new,courier;"><SPAN style="color: #000000;"> GET /qlikview/js/jquery-migrate.min.js HTTP/1.1 Pragma: no-cache Cache-Control: no-cache Referer: </SPAN><A href="https://ifms.vsecorp.com/qlikview/index.htm" title="Click to follow link: https://ifms.vsecorp.com/qlikview/index.htm" target="_blank"><SPAN style="color: #0000ff; text-decoration: underline;">https://ifms.vsecorp.com/qlikview/index.htm</SPAN></A><SPAN style="color: #000000;"> Host: ifms.vsecorp.com Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21 Accept: */*<BR /></SPAN><SPAN style="color: #000000;"> <BR /> ITEM TWO: <BR /> /qlikview/js/jquery.min.js Alert group Vulnerable Javascript library Severity Medium<BR /> Description<BR /> You are using a vulnerable Javascript library. One or more vulnerabilities were reported for this version of the Javascript library. Consult Attack details and Web References for more information about the affected library and the vulnerabilities that were reported. Recommendations Upgrade to the latest version.<BR /> Alert variants<BR /> Details<BR /> Detected Javascript library jquery version 1.11.3. The version was detected from file content.<BR /> References:<BR /> </SPAN><A href="https://github.com/jquery/jquery/issues/2432" title="Click to follow link: https://github.com/jquery/jquery/issues/2432" target="_blank"><SPAN style="color: #0000ff; text-decoration: underline;">https://github.com/jquery/jquery/issues/2432</SPAN></A><SPAN style="color: #000000;"> </SPAN><A href="http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/" title="Click to follow link: http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/" target="_blank"><SPAN style="color: #0000ff; text-decoration: underline;">http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/</SPAN></A></SPAN><BR /><SPAN style="font-family: courier new,courier;"><SPAN style="color: #000000;"> GET /qlikview/js/jquery.min.js HTTP/1.1 Pragma: no-cache Cache-Control: no-cache Referer: </SPAN><A href="https://ifms.vsecorp.com/qlikview/index.htm" title="Click to follow link: https://ifms.vsecorp.com/qlikview/index.htm" target="_blank"><SPAN style="color: #0000ff; text-decoration: underline;">https://ifms.vsecorp.com/qlikview/index.htm</SPAN></A><SPAN style="color: #000000;"> Host: ifms.vsecorp.com Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21 Accept: */*</SPAN></SPAN></SPAN></P><P><SPAN style="color: #000000; font-family: Times New Roman; font-size: 12pt;">&nbsp; </SPAN></P><P><SPAN style="color: #1f497d; font-family: 'Calibri',sans-serif; font-size: 11pt;"> Any suggestions.</SPAN></P><P><SPAN style="color: #1f497d; font-family: 'Calibri',sans-serif; font-size: 11pt;">Thanks</SPAN></P><P></P><P><SPAN style="color: #000000; font-family: Times New Roman; font-size: 12pt;">&nbsp; </SPAN></P><P></P></BODY></HTML> Mon, 26 Jan 2026 18:19:17 GMT https://community.qlik.com/t5/QlikView/Application-Security/m-p/1819#M1324300 Anonymous 2026-01-26T18:19:17Z https://community.qlik.com/t5/QlikView/Application-Security/m-p/1820#M1324301 <HTML><HEAD></HEAD><BODY><P>No</P></BODY></HTML> Fri, 19 Jan 2018 07:46:57 GMT https://community.qlik.com/t5/QlikView/Application-Security/m-p/1820#M1324301 petter 2018-01-19T07:46:57Z