PT-2023-5466 · Red Hat · 3Scale Admin Portal
Sandipan Roy · Published 2023-09-12 · Updated 2023-12-13
CVE-2023-4910
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
3Scale Admin Portal (affected versions not specified)
Description
A flaw was found in 3Scale Admin Portal. If a user logs out from the personal tokens page and then presses the back button in the browser, the tokens page is rendered from the browser cache, potentially allowing an attacker to disclose protected information.
Recommendations
As a temporary workaround, consider clearing the browser cache after logging out from the personal tokens page to minimize the risk of exploitation.
Restrict access to the personal tokens page until a patch is available.
Avoid using the back button in the browser after logging out from the personal tokens page until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
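The description attributes the disclosure to the browser re-rendering the tokens page from its cache after logout. The following is an added example, not taken from this advisory or from 3scale's code: a plain-Ruby, Rack-style middleware that marks responses under a sensitive path prefix as `no-store`, plus a helper that audits response headers for that directive. The class name, helper name, sample application and the `/example/personal-tokens` path are assumptions made for illustration.

```ruby
# Added example: plain Ruby, Rack-style interface, no gems required.
class NoStoreForSensitivePaths
  # prefixes: path prefixes of pages that display secrets (hypothetical names).
  def initialize(app, prefixes:)
    @app = app
    @prefixes = prefixes
  end

  def call(env)
    status, headers, body = @app.call(env)
    return [status, headers, body] unless sensitive?(env["PATH_INFO"].to_s)

    # Header names are case-insensitive: drop whatever caching policy the
    # application set, then forbid the browser from keeping a copy.
    cleaned = headers.reject { |k, _| %w[cache-control expires].include?(k.downcase) }
    cleaned["cache-control"] = "no-store"
    [status, cleaned, body]
  end

  private

  # Match the prefix itself or anything below it, not look-alike siblings.
  def sensitive?(path)
    @prefixes.any? { |p| path == p || path.start_with?("#{p}/") }
  end
end

# Audit helper: true when the response headers let a browser store the page,
# which is the precondition for it reappearing on back-navigation after logout.
def storable?(headers)
  value = headers.find { |k, _| k.downcase == "cache-control" }&.last.to_s
  directives = value.downcase.split(",").map { |d| d.strip.split("=").first }
  !directives.include?("no-store")
end

# Constructed sample application and path; neither is taken from 3scale.
TOKENS_PATH = "/example/personal-tokens"
SAMPLE_APP = lambda do |_env|
  [200, { "Content-Type" => "text/html",
          "Cache-Control" => "max-age=0, private, must-revalidate" }, ["page"]]
end
PROTECTED_APP = NoStoreForSensitivePaths.new(SAMPLE_APP, prefixes: [TOKENS_PATH])
```

Running `storable?` over the headers of every authenticated page in a test suite flags pages that a browser may still show after the session has ended.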
Exposure of Resource to Wrong Sphere
Affected products
3Scale Admin Portal