2 matches found
CVE-2023-4959
A flaw was found in Quay. Cross-site request forgery CSRF attacks force a user to perform unwanted actions in an application. During the pentest, it was detected that the config-editor page is vulnerable to CSRF. The config-editor page is used to configure the Quay instance. By coercing the...
CVE-2023-4959
CVE-2023-4959 affects Red Hat Quay where the config-editor page is vulnerable to cross-site request forgery (CSRF). Exploitation could coerce a victim’s browser to perform attacker-controlled actions on a Quay instance, including reconfiguring settings and adding admin users. Public sources consi...