Vulnerability Details : CVE-2020-15660
Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.
Vulnerability category: Cross-site request forgery (CSRF)Execute code
Exploit prediction scoring system (EPSS) score for CVE-2020-15660
0.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 55 %
Percentile, the proportion of vulnerabilities that are scored at or less