4 Replies Latest reply: Aug 23, 2018 2:54 AM by Imir Useini RSS

    Security vulnerabilities in Qlik Sense' AngularJS

    Vegard Bakke

      Qlik Sense is using AngualrJS 1.5.8, which has four known security vulnerabilities:

      * https://snyk.io/test/npm/angular/1.5.8?severity=high&severity=medium&severity=low


      It mentions:

      * Content security policy bypass

      * Cross-site scripting (x2)

      * JSONP callback attack

      with Medium severity.


      Does anyone know if Qlik Sense is also vulnerable to this attacks, or if Qlik has fixed them in their released version of AngularJS?