Lucene search

CVE-2020-26282

🗓️ 24 Dec 2020 21:12:15Reported by GitHub_MType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 68 Views

BrowserUp Proxy allows HTTP manipulation, contains RCE vulnerability

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
Veracode	Server-Side Template Injection	28 Dec 202002:02	–	veracode
Veracode	Remote Code Execution (RCE)	28 Dec 202004:31	–	veracode
OSV	CVE-2020-26282	24 Dec 202021:15	–	osv
OSV	Server-Side Template Injection	24 Dec 202020:49	–	osv
Cvelist	CVE-2020-26282 Template Injection in BrowserUp Proxy	24 Dec 202020:45	–	cvelist
RedhatCVE	CVE-2020-26282	5 Feb 202513:32	–	redhatcve
Prion	Remote code execution	24 Dec 202021:15	–	prion
NVD	CVE-2020-26282	24 Dec 202021:15	–	nvd
Github Security Blog	Server-Side Template Injection	24 Dec 202020:49	–	github

Nvd

Vulners

Node

browserup browserup_proxyRange<2.1.2

[
  {
    "product": "browserup-proxy",
    "vendor": "browserup",
    "versions": [
      {
        "status": "affected",
        "version": "< 2.1.2"
      }
    ]
  }
]

Source	Link
github	www.github.com/browserup/browserup-proxy/commit/4b38e7a3e20917e5c3329d0d4e9590bed9d578ab
securitylab	www.securitylab.github.com/research/bean-validation-RCE
github	www.github.com/browserup/browserup-proxy/releases/tag/v2.1.2
github	www.github.com/browserup/browserup-proxy/security/advisories/GHSA-wmfg-55f9-j8hq

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Dec 2020 21:15Current

9.8High risk

Vulners AI Score9.8

CVSS27.5

CVSS310

EPSS0.07367

CWE-74