Hi,
During the recent vulnerability test we conducted on QlikVIew (v11 SR2) access point URL, we have noticed that "the payload ]]>> was appended to the value of the public parameter". This seems to be a potential XML Injection.
I have no clue on what is this and how is it getting appended to the public parameter?
Did any of you come across this?
Regards,
Murali