A cross-site scripting (XSS) vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page.
{ "extracted_events": [ { "introduced": "3.141.59" }, { "last_affected": "3.141.59" } ], "cpe": "cpe:2.3:a:selenium:selenium_grid:3.141.59:*:*:*:*:*:*:*", "source": "CPE_STRING" }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-23452.json"