KLA10668
File access vulnerability in QlikTech QlikView

XML external entity vulnerability was found in QlikView at AccessPoint.aspx. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited remotely via a specially designed xml data.

QlikTech Qlikview versions earlier than 11.20 SR12

Update to the latest version
Get QlikView

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/38118