Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMITRECVE-2023-4956
HistoryNov 07, 2023 - 7:12 p.m.

CVE-2023-4956

2023-11-0719:12:00
MITRE
web.nvd.nist.gov
41
quay
clickjacking
vulnerability
config-editor
pentest
nvd

6.8 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

16.1%

JSON

A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerable to clickjacking. This flaw allows an attacker to trick an administrator user into clicking on buttons on the config-editor panel, possibly reconfiguring some parts of the Quay instance.

Related

prion 1
cvelist 1
redhatcve 1
prion
prion
Design/Logic Flaw
2023-11-07 20:15:00
cvelist
cvelist
CVE-2023-4956 Quay: clickjacking on config-editor page severity
2023-11-07 19:12:00
redhatcve
redhatcve
CVE-2023-4956
2023-09-15 09:51:29

6.8 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

16.1%

JSON
Related for CVE-2023-4956
prion1cvelist1redhatcve1