Selenium Server (Grid) prior to 4 allows CSRF because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
selenium selenium grid 4.0.0 |
||
selenium selenium grid |