CVE-2020-15660

More information about this CVE will likely be available in a few days.

Description

Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.

Related CPE's

Could not find any relations

References

https://github.com/mozilla/geckodriver/releases/tag/v0.27.0

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io