CVE-2022-42248

MEDIUM

Qlikview < 12.60 - XSS

Title source: rule

QlikView 12.60.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the QvsViewClient functionality.

nomisec 5 stars

by Ozozuz · poc

Core 2

Core References

Product

Third Party Advisory

CVSS v3 5.4

EPSS 0.0031

EPSS Percentile 53.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

CWE

CWE-79

Status published

Products (1)

qlik/qlikview < 12.60

Published Mar 06, 2023

Tracked Since Feb 18, 2026