Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us in NYC Sept 4th for Qlik's AI Reality Tour! Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
fkeuroglian
Partner - Master
Partner - Master
‎2019-12-19 04:45 PM

Clickjacking vulnerability

Hi Expert

Security team of my company, said me that the qliksense server has a CLICKJACKING VULNERABILITY, and send me the attached report like the image show.

After research, i  see this support post https://support.qlik.com/articles/000066253 and modify the VIRTUAL PROXY like it said.

in advance option in Virtual proxy set this : X-Frame-Options: DENY

After that, restart the services, restart the server, and the vulnerability is still there.

is there any more to do to take out this vulnerability? Somebodoy have any recommendation?

Thanks a Lot

Fernando

Labels (2)
Labels
Preview file
86 KB
879 Views
0 Replies