CVE-2019-3865

Name of the Vulnerable Software and Affected Versions quay-2 (affected versions not specified)

Description A stored XSS issue has been found in the super user function of quay, allowing attackers to inject scripts via the name field of the service key. These scripts can run when admin users attempt to change the name, potentially leading to unauthorized actions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.