Primary

Context

Qlik Talend Administration Center Broken Access Control Vulnerability Allowing URL Modification

Vulnerability

Patched

A broken access control vulnerability exists in Qlik Talend Administration Center, affecting all versions prior to Patch 20251121_QTAC-1471_R2025-11_v1-8.0.1. This vulnerability allows users with 'View' permission to alter the Qlik Talend Studio update URL, potentially leading to the download of malicious software onto a Qlik Talend Studio instance.

Impact

Exploitation of this vulnerability could result in unauthorized modification of the Talend Studio update URL, allowing for the introduction of malicious software into the Talend Studio environment.

Remediation

Users are advised to upgrade to Qlik Talend Administration Center version 8.0.1 or later. The patch addressing this vulnerability was released on November 21, 2025.

Added: May 20, 2026, 5:18 AM

Updated: May 20, 2026, 5:18 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

0.0

relevance

8.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

0.0

relevance

8.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qlik Talend Administration Center Broken Access Control Vulnerability Allowing URL Modification

Vulnerability

Impact

Remediation

Affected Products

Qlik Talend Administration Center

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating