What happened?
Selenium Server Grid Version 4.1.1
Security audit found reflective XSS vulnerability by entering this URL in browser:
http://YOURIPANDPORT/ui/%3Cscript%3Ealert()%3C/script%3E.shtml
This resulted in a JS popup.
How can we reproduce the issue?
http://YOURIPANDPORT/ui/%3Cscript%3Ealert()%3C/script%3E.shtml
Relevant log output
No log output to share. Open URL in browser to see JS popup
http://YOURIPANDPORT/ui/%3Cscript%3Ealert()%3C/script%3E.shtml
Operating System
Windows Server 2012
Selenium version
Java 4.1.1
What are the browser(s) and version(s) where you see this issue?
Chrome 90+
What are the browser driver(s) and version(s) where you see this issue?
Seeing it on external accessing the URL
Are you using Selenium Grid?
4.1.1
What happened?
Selenium Server Grid Version 4.1.1
Security audit found reflective XSS vulnerability by entering this URL in browser:
http://YOURIPANDPORT/ui/%3Cscript%3Ealert()%3C/script%3E.shtml
This resulted in a JS popup.
How can we reproduce the issue?
http://YOURIPANDPORT/ui/%3Cscript%3Ealert()%3C/script%3E.shtmlRelevant log output
Operating System
Windows Server 2012
Selenium version
Java 4.1.1
What are the browser(s) and version(s) where you see this issue?
Chrome 90+
What are the browser driver(s) and version(s) where you see this issue?
Seeing it on external accessing the URL
Are you using Selenium Grid?
4.1.1