VYPR
High severityNVD Advisory· Published Apr 19, 2022· Updated Aug 3, 2024

CVE-2022-28108

CVE-2022-28108

Description

Selenium Server (Grid) before 4 allows CSRF because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.seleniumhq.selenium:selenium-gridMaven
< 4.0.0-alpha-74.0.0-alpha-7
org.seleniumhq.selenium:selenium-serverMaven
<= 4.0.0-alpha-2

Affected products

4

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.