Hello Qlik Users,

Today we have seven Qlik Sense patches and one for Qlik Connector for use with SAP NetWeaver:

• February 2021 Patch 5
• November 2020 Patch 10
• September 2020 Patch 12
• June 2020 Patch 16
• April 2020 Patch 16
• February 2020 Patch 12
• November 2019 Patch 17
• SAP NetWeaver 7.0.7

These patches include a fix for the security vulnerability, details of which can be found in the Security Bulletin SB: Cross-site scripting (XSS) vulnerability in Qlik Sense Enterprise.

The downloads for the patches can all be found on the Qlik Download site. The release notes for SAP NetWeaver can also be found on the Qlik Download site.

Release Notes for the Qlik Sense patches can be found in the Qlik Community, on the new Release Notes page.

Please follow best practices when upgrading Qlik Sense.

The information in this post and Security Bulletin are disclosed in accordance with our published Security and Vulnerability Policy.

Kind regards,

Qlik Global Support

5/25/2021 - Update to clarify a couple of questions:

• The versions listed in the Security Bulletin are the fixed versions. Versions prior to those listed are the affected versions.

• If you do not use the SAP connector, you still need to apply the patch for Qlik Sense.

• There is a new release that includes the security fix as well so you will most likely want to apply that patch (both do not need to be applied in that case).