Relevant Security Advisory: https://community.qlik.com/t5/Official-Support-Articles/Crit...
Nuclei Detection Template: https://github.com/praetorian-inc/zeroqlik-detect
TL;DR - how do I detect this on my resources? [vulnerable instances will return a 400]: curl -H "X-Qlik-Xrfkey: 1333333333333337" -H "Host: localhost" -v -k --path-as-is https://<yourserver>/resources/qmc/fonts/../../../qrs/Reload...
Relevant Security Advisory: https://community.qlik.com/t5/Official-Support-Articles/Crit...
Nuclei Detection Template: https://github.com/praetorian-inc/zeroqlik-detect
TL;DR - how do I detect this on my resources? [vulnerable instances will return a 400]: curl -H "X-Qlik-Xrfkey: 1333333333333337" -H "Host: localhost" -v -k --path-as-is https://<yourserver>/resources/qmc/fonts/../../../qrs/Reload...