COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Sense product

3
failure events
0
zero-days
0
RCEs
3
on KEV
3
critical
80
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 3 events

DateEventSevFlagsShameSummary
2025-01-13 CVE-2023-48365 critical ⌖KEV 80 Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.
2023-12-07 CVE-2023-41265 critical ⌖KEV 80 Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.
2023-12-07 CVE-2023-41266 critical ⌖KEV 80 Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted HTTP requests. This anonymous session could allow the attacker to send further requests to unauthorized endpoints.