575 matches found
Selenium Grid Cross-Site Scripting Vulnerability
Selenium Grid is a smart proxy server for the Selenium community that makes it easy to run tests in parallel on multiple machines. Selenium Grid v3.141.59 contains a cross-site scripting (XSS) vulnerability that allows an attacker to...
CVE-2020-23452
CVE-2020-23452 affects Selenium Grid v3.141.59. The XSS vulnerability occurs in the hub parameter on the /grid/console page, allowing injection of arbitrary scripts/HTML. The documented impact is privacy/integrity concerns with low to moderate severity (CVSS v3.1 base 6.1). No patch or remediation de...
CVE-2020-23452
A cross-site scripting (XSS) vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page...
CVE-2020-23452
A cross-site scripting (XSS) vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page...
PT-2023-36073 · Selenium · Selenium Grid
Name of the Vulnerable Software and Affected Versions: Selenium Grid version 3.141.59 Description: A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the "/grid/console" API endpoint...
Malicious code in selenium-matplotlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c33741bca6736c936d2c0540044a5d38caf6a18b6981e6268da4295f64985a68 The OpenSSF Package Analysis project identified 'selenium-matplotlib' @ 17.9.4 pypi as malicious. It is considered malicious because: - The...
MAL-2023-1406 Malicious code in selenium-matplotlib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c33741bca6736c936d2c0540044a5d38caf6a18b6981e6268da4295f64985a68 The OpenSSF Package Analysis project identified 'selenium-matplotlib' @ 17.9.4 pypi as malicious. It is considered malicious because: - The...
Malicious code in numpy-selenium (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis dc92a371c845859241fd20b897b00c4b6c39fcc8ec83dfe9fbb0146c36d267c5 The OpenSSF Package Analysis project identified 'numpy-selenium' @ 5.20.19 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1382 Malicious code in numpy-selenium (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis dc92a371c845859241fd20b897b00c4b6c39fcc8ec83dfe9fbb0146c36d267c5 The OpenSSF Package Analysis project identified 'numpy-selenium' @ 5.20.19 pypi as malicious. It is considered malicious because: - The package...
Malicious code in pyyaml-selenium (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9582f8c7828335bcf6299260ea76656239fbbc52addbad1db96f04025109ead7 The OpenSSF Package Analysis project identified 'pyyaml-selenium' @ 1.15.3 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1398 Malicious code in pyyaml-selenium (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9582f8c7828335bcf6299260ea76656239fbbc52addbad1db96f04025109ead7 The OpenSSF Package Analysis project identified 'pyyaml-selenium' @ 1.15.3 pypi as malicious. It is considered malicious because: - The package...
Malicious code in sys-selenium (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a1ae15b4cab934fe2bdb8472ceb8f00edfd582688a810321e7e4814ca66cbe98 The OpenSSF Package Analysis project identified 'sys-selenium' @ 9.1.9 pypi as malicious. It is considered malicious because: - The package...
MAL-2023-1417 Malicious code in sys-selenium (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a1ae15b4cab934fe2bdb8472ceb8f00edfd582688a810321e7e4814ca66cbe98 The OpenSSF Package Analysis project identified 'sys-selenium' @ 9.1.9 pypi as malicious. It is considered malicious because: - The package...
Swagger UI 4.1.3 Critical Information Misrepresentation
Exploit Title: Swagger UI 4.1.3 - User Interface (UI) Misrepresentation of Critical Information Date: 14 April, 2023 Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://swagger.io/ Version: 4.1.3 CVE: CVE-2018-25031 Site: https://rafaelcintralopes.com.br/ Usage: python swagger-exploit.py...
Swagger UI 4.1.3 - User Interface (UI) Misrepresentation of Critical Information Exploit
Exploit Title: Swagger UI 4.1.3 - User Interface (UI) Misrepresentation of Critical Information Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://swagger.io/ Version: 4.1.3 CVE: CVE-2018-25031 Site: https://rafaelcintralopes.com.br/ Usage: python swagger-exploit.py https://swagger-page.c...
Swagger UI 4.1.3 - User Interface (UI) Misrepresentation of Critical Information
Exploit Title: Swagger UI 4.1.3 - User Interface (UI) Misrepresentation of Critical Information Date: 14 April, 2023 Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://swagger.io/ Version: 4.1.3 CVE: CVE-2018-25031 Site: https://rafaelcintralopes.com.br/ Usage: python swagger-exploit.py...
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 102.8ESR) have affected APM Synthetic Playback Agent
Summary APM Synthetic Playback Agent is vulnerable to Firefox ESR CVE-2023-25730, CVE-2023-25729, CVE-2023-25742, CVE-2023-25734, CVE-2023-25738, CVE-2023-25728 . Firefox ESR is used by APM Synthetic Playback Agent for running the selenium scripts. The fix includes support for Firefox 102.8 ESR...
Malicious code in seleinum (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 05d2793b08bdbaa90731b8446c6ccbc0df25d3f8af81011bd03a2d85cf31dbd8 Attacker distributed 900+ malicious packages via PyPI, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2232 Malicious code in seleenium (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx aedef854e63388485e0620f494cfcc557ed77d34b4296216ea869ba2cddec80b Attacker distributed 900+ malicious packages via PyPI, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2237 Malicious code in seleniumm (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 96e73b8d4e768674f465eb608ffe826d16e12fe10dff319ca4502a911208368b Attacker distributed 900+ malicious packages via PyPI, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...