PT-2023-36073 · Selenium · Selenium Grid

Name of the Vulnerable Software and Affected Versions: Selenium Grid version 3.141.59 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the "/grid/console" API endpoint...

Selenium Grid 跨站脚本漏洞

Selenium Grid is a smart proxy server for the Selenium community. It is easy to run tests in parallel on multiple machines. A security vulnerability exists in Selenium Grid version v3.141.59, which stems from the presence of a cross-site scripting XSS vulnerability that allows an attacker to...