Thursday, April 28, 2022

CVE-2022-28108

Selenium Server (Grid) before 4 allows CSRF because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain. (CVSS:9.3) (Last Update:2022-04-27)
http://dlvr.it/SPPrCr

No comments:

Post a Comment

Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks

Google on Tuesday said it's piloting a new feature in Chrome called Device Bound Session Credentials (DBSC) to help protect users agains...