Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
While doing application vulnerabilities scan we found below issues, 1. Session token in url is visible:- Qlik ticket is visible in qlik application url. 2. Cookies path is not set:- X-Qlik-Session cookie in virtual proxy. This cookie path is not set to root folder. 3. Etag Version Disclosure:- etag is visible on qlik application page.
Hi @Pawan_Mahajan,
Can you please raise a case with support directly for this issue an be sure to include all the information as mentioned in the article below
- https://community.qlik.com/t5/Knowledge/Qlik-Security-Vulnerability-Policy/ta-p/1713629
You can find the steps to raise a case with support here
- https://community.qlik.com/t5/Knowledge/How-to-create-a-case-and-contact-Qlik-Support/ta-p/1710992