CVE-2023-4910

Summary

CVE-2023-4910 is a vulnerability affecting the 3Scale Admin Portal. Upon logging out from the personal tokens page and using the browser's back button, the tokens page is inadvertently displayed from the cache, revealing previously used tokens. This issue grants unauthorized access to tokens, potentially compromising the security of user accounts and applications that utilize these tokens for authentication. Users are advised to exercise caution when navigating the portal and avoid using the back button after logging out. Additionally, administrators are encouraged to update their systems as soon as a patch becomes available to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.