Qlik Community

Knowledge

Search or browse our knowledge base to find answers to your questions ranging from account questions to troubleshooting error messages. The content is curated and updated by our global Support team

Announcements
QlikWorld 2022, LIVE in Denver CO., May 16-19, 2022. REGISTER NOW TO RECEIVE EARLY BIRD PRICING

"Open URL" and "Launch" disabled for document sheet buttons in latest QlikView Plugin releases

Sonja_Bauernfeind
Digital Support
Digital Support

"Open URL" and "Launch" disabled for document sheet buttons in latest QlikView Plugin releases

A document sheet can have buttons, which in turn can have associated Actions. 

These Actions can be of several types, but there are two in particular which have been disabled in the Internet Explorer Plugin due to security concerns:

  • Launch
  • Open URL

buttons.png

 

See QV-20715: Remote Code Execution RCE. QvPlugin IE for QCS 

To benefit from the security fixes the Internet Explorer plugin need to be updated.

After an update, the disabled features can be re-enabled (not recommended). 

Environment:

QlikView April 2020 12.50 SR1
QlikView April 2019 12.40 SR4
QlikView November 2018 12.30 SR5
QlikView November 2017 12.20 SR11
QlikView 11.20 SR21

 

Resolution

Labels (1)
Comments
diegoberriel
Contributor II
Contributor II

Hi @Sonja_Bauernfeind,

Is there no way to get this enabled from server side avoiding change the setting for every single user? We have more than 2000 Qv users and several reports have link between reports and internal services pages.

Thanks

Regards,

Diego

Sonja_Bauernfeind
Digital Support
Digital Support

Hello @diegoberriel 

Not currently, no. I would suggest logging an Idea on this in our Ideas forum: https://community.qlik.com/t5/Ideas/idb-p/qlik-ideas

This will ensure that our developers know how this feature is requested. If you let me know after you posted it, I can give it a vote! 

dapostolopoylos
Creator III
Creator III

This is bad news...

qvd1rkqv
Contributor III
Contributor III

Because we are using the IE Plugin on Edge in IE Mode,  Is this still a security vulnerability on MS Edge in IE Mode? 

Sonja_Bauernfeind
Digital Support
Digital Support

@qvd1rkqv This fix was introduced for the QlikView Plugin, independent in what version (or IE Mode in Edge) it is being run.

Version history
Last update:
‎2020-09-24 07:14 AM
Updated by:
Contributors