CVE-2026-9056: Security fix for Qlik Talend Administration Center cross-site scripting vulnerability

Published May 20, 2026

Updated

A stored cross-site scripting vulnerability has been found in the Talend Administration Center. An attacker with permission to manage servers can store a XSS payload that can be triggered by a different user.

Affected Software

1 affected component

Qlik Talend Administration Center

Event History

May 20, 2026

CVE Published

via MITRE·04:35 AM

Data Sourced

via MITRE·04:35 AM

DescriptionSeverityWeakness

Data Sourced

via NVD·05:16 AM

DescriptionSeverity

Frequently Asked Questions

What is the severity of CVE-2026-9056?

CVE-2026-9056 is classified as a medium severity vulnerability.

How do I fix CVE-2026-9056?

To remediate CVE-2026-9056, update your Qlik Talend Administration Center to the latest version that includes the security patch.

Who is affected by CVE-2026-9056?

Any user with permission to manage servers in the Qlik Talend Administration Center is potentially affected by CVE-2026-9056.

What type of vulnerability is CVE-2026-9056?

CVE-2026-9056 is a stored cross-site scripting (XSS) vulnerability.

Can CVE-2026-9056 be exploited remotely?

Yes, CVE-2026-9056 can be exploited remotely by attackers with the appropriate permissions.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.