VYPR
Unrated severityNVD Advisory· Published Sep 16, 2015· Updated Jun 17, 2026

CVE-2015-3623

CVE-2015-3623

Description

XML external entity (XXE) vulnerability in QlikTech Qlikview before 11.20 SR12 allows remote attackers to conduct server-side request forgery (SSRF) attacks and read arbitrary files via crafted XML data in a request to AccessPoint.aspx.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Qlik/Qlikview2 versions
    cpe:2.3:a:qlik:qlikview:*:sr11:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:qlik:qlikview:*:sr11:*:*:*:*:*:*range: <=11.20
    • (no CPE)range: <11.20 SR12

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.