Re: Vulnerabilities found during QlikSense applica... - Qlik Community

Pawan_Mahajan · ‎2021-12-28

While doing application vulnerabilities scan we found below issues, 1. Session token in url is visible:- Qlik ticket is visible in qlik application url. 2. Cookies path is not set:- X-Qlik-Session cookie in virtual proxy. This cookie path is not set to root folder. 3. Etag Version Disclosure:- etag is visible on qlik application page.

Seanog_Murphy · ‎2022-01-04

Hi @Pawan_Mahajan,

Can you please raise a case with support directly for this issue an be sure to include all the information as mentioned in the article below
- https://community.qlik.com/t5/Knowledge/Qlik-Security-Vulnerability-Policy/ta-p/1713629

You can find the steps to raise a case with support here
- https://community.qlik.com/t5/Knowledge/How-to-create-a-case-and-contact-Qlik-Support/ta-p/1710992

Vulnerabilities found during QlikSense application scan

Security

Security & Governance