575 matches found
PYSEC-2023-206
NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0...
CVE-2023-5590 NULL Pointer Dereference in seleniumhq/selenium
NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0...
CVE-2023-5590
CVE-2023-5590 : Concrete details exist across connected documents showing a NULL pointer dereference in Selenium (seleniumhq/selenium) prior to 4.14.0, specifically in the CookieWndProc function. The vulnerability can lead to denial of service and is rated HIGH (CVSS v3.1 base 7.5). Remediation i...
CVE-2023-5590 NULL Pointer Dereference in seleniumhq/selenium
NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0...
Selenium Code Issues Vulnerabilities
Selenium is an umbrella project from Selenium, Inc. that encapsulates a variety of tools and libraries that support web browser automation. A code issue vulnerability exists in Selenium versions prior to 4.14.0 that stems from a null pointer dereference issue...
PT-2023-32200 · Selenium · Selenium
Name of the Vulnerable Software and Affected Versions: selenium versions prior to 4.14.0 Description: The issue is a NULL Pointer Dereference in the GitHub repository seleniumhq/selenium. Recommendations: For versions prior to 4.14.0, update to version 4.14.0 or later to resolve the issue...
CVE-2023-41878
MeterSphere is a one-stop open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing and performance testing. The Selenium VNC config used in Metersphere is using a weak password by default, attackers can login to vnc and obtain high...
Design/Logic Flaw
MeterSphere is a one-stop open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing and performance testing. The Selenium VNC config used in Metersphere is using a weak password by default, attackers can login to vnc and obtain high...
MeterSphere Trust Management Issues Vulnerabilities
MeterSphere is MeterSphere's open source one-stop open source continuous testing platform. MeterSphere 2.10.6 LTS and earlier versions have a trust management issue vulnerability that stems from the default use of weak passwords in Selenium VNC, which allows an attacker to log in to VNC and gain...
CVE-2023-41878
MeterSphere’s CVE-2023-41878 describes a vulnerability in the Selenium VNC configuration where a weak default password allows unauthenticated access to VNC and can grant high-level privileges. Affected product: MeterSphere (Selenium VNC config). Root cause: default weak password enabling unauthor...
CVE-2023-41878 Weak password of selenium VNC in MeterSphere
MeterSphere is a one-stop open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing and performance testing. The Selenium VNC config used in Metersphere is using a weak password by default, attackers can login to vnc and obtain high...
CVE-2023-41878 Weak password of selenium VNC in MeterSphere
MeterSphere is a one-stop open source continuous testing platform, covering functions such as test tracking, interface testing, UI testing and performance testing. The Selenium VNC config used in Metersphere is using a weak password by default, attackers can login to vnc and obtain high...
WordPress Theme My Login 2FA Brute Force
The theme my login plugin before 1.2 does not check how often a 2FA code was wrongly entered, allowing a bruteforce of codes to bypass 2FA effectively. A working python exploit: from typing import KeysView from selenium.webdriver.common.by import By from selenium import webdriver from...
WordPress My Login Theme 2FA Brute Force Exploit
The theme my login plugin before 1.2 does not check how often a 2FA code was wrongly entered, allowing a bruteforce of codes to bypass 2FA effectively. A working python exploit: from typing import KeysView from selenium.webdriver.common.by import By from selenium import webdriver from...
CVE-2020-23452
A cross-site scripting XSS vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page...
CVE-2020-23452
A cross-site scripting XSS vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page...
Cross site scripting
A cross-site scripting XSS vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page...
PYSEC-2023-101
A cross-site scripting XSS vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page...
PYSEC-2023-101
A cross-site scripting XSS vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page...
UBUNTU-CVE-2020-23452
A cross-site scripting XSS vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page...