Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
ALERT: The support homepage carousel is not displaying. We are working toward a resolution.

QlikView: jQuery 3.4.1 Cross-site Scripting (XSS) vulnerability

No ratings
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Daniele_Purrone
Support
Support

QlikView: jQuery 3.4.1 Cross-site Scripting (XSS) vulnerability

Last Update:

Mar 4, 2021 10:02:25 AM

Updated By:

Daniele_Purrone

Created date:

Mar 4, 2021 10:01:39 AM

Some QlikView versions are using jQuery 3.4.1 is affected by Cross-site Scripting (XSS) vulnerability that it solved in the 3.5

 

Environment

  • QlikView, versions up to 12.50 (April 2020) SR2

 

Resolution

jQuery is updated to 3.5.1 in version April 2020 SR3

From the QlikView April 2020 SR3 Release Notes:

Cross-site scripting (XSS) vulnerability with jQuery 3.4.1 and below Jira issue ID: QV-20277 jQuery upgraded to version 3.5.1. This replaces the fix delivered in SR2 which was found to be insufficient.

 

Cause:

Third-party vulnerability

 

QlikView
Thumbnail of QlikView
QlikView
Labels (1)
Labels:
2,004 Views
Was this article helpful? Yes No
Contributors
Version history
Last update:
‎2021-03-04 10:02 AM
Updated by:
Support