CVE-2015-3623

QlikTech Qlikview <11.20 SR12 - SSRF

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-3623. PoCs published by Alex Haynes.

AI-analyzed exploit summary: This exploit demonstrates a blind XXE vulnerability in QlikView, allowing SSRF and arbitrary file reading via crafted XML payloads. The PoC includes attack patterns for both SSRF and file extraction.

Description

XML external entity (XXE) vulnerability in QlikTech Qlikview before 11.20 SR12 allows remote attackers to conduct server-side request forgery (SSRF) attacks and read arbitrary files via crafted XML data in a request to AccessPoint.aspx.

Exploits (1)

exploitdb WORKING POC
by Alex Haynes · text · webapps · xml
https://www.exploit-db.com/exploits/38118

Classification: Working PoC 100%
Attack Type: SSRF | Info Leak
Complexity: Moderate
Reliability: Reliable
Target: QlikView v11.20 SR11 and previous versions
No auth needed
Prerequisites: Access to the QlikView AccessPoint.aspx endpoint · Ability to intercept or host external DTD files
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/38118/
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/536411/100/0/threaded

Scores

EPSS 0.1576
EPSS Percentile 96.5%

Details

Status published
Products (1)
qlik/qlikview < 11.20
Published Sep 16, 2015
Tracked Since Feb 18, 2026