SeleniumHQ/selenium

NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0.

A cross-site scripting (XSS) vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page.