12 matches found
EUVD-2020-1509
Malware in sbrugna...
CVE-2020-26282
BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it is especially useful when embedded in Selenium tests. A Server-Side Template Injection was...
com.aoapps:ao-appcluster-all (=2.0.1), com.aoapps:ao-appcluster-core (=2.0.1) +239 more potentially affected by CVE-2023-50387 via dnsjava:dnsjava (>=3.5.0 <=3.5.3)
dnsjava:dnsjava MAVEN version =3.5.0, =1.3.1, =1.3.1, =1.3.1, =0.3.2-patch6, =6.3.2, =1.1.1, =2.5.9, =2.5.9, =2.1.4, =2.1.4, =2.1.4, =1.0, =1.2 and more Source cves: CVE-2023-50387 Source advisory: OSV:GHSA-CRJG-W57M-RQQF...
Remote Code Execution (RCE)
BrowserUp Proxy is vulnerable to remote code execution. An attacker is able to exploit the vulnerability by injecting arbitrary Java EL expressions into the server-side template...
Server-Side Template Injection
browserup-proxy is vulnerable to server-side template injection. The vulnerability exists through the lack of sanitization of value when displaying error messages...
CVE-2020-26282
BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it is especially useful when embedded in Selenium tests. A Server-Side Template Injection was...
CVE-2020-26282
BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it is especially useful when embedded in Selenium tests. A Server-Side Template Injection was...
GHSA-WMFG-55F9-J8HQ Server-Side Template Injection
Impact A Server-Side Template Injection was identified in BrowserUp Proxy enabling attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code Execution RCE vulnerability. This has been assigned CVE-2020-26282. Patches Effective Immediately, all users should upgrade ...
Server-Side Template Injection
Impact A Server-Side Template Injection was identified in BrowserUp Proxy enabling attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code Execution RCE vulnerability. This has been assigned CVE-2020-26282. Patches Effective Immediately, all users should upgrade ...
CVE-2020-26282 Template Injection in BrowserUp Proxy
BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it is especially useful when embedded in Selenium tests. A Server-Side Template Injection was...
CVE-2020-26282
CVE-2020-26282 affects BrowserUp Proxy. A Server-Side Template Injection allows attackers to inject arbitrary Java EL expressions, enabling unauthenticated Remote Code Execution. This vulnerability is fixed in version 2.1.2; affected deployments should upgrade to 2.1.2+ to mitigate. The issue ari...
BrowserUp Proxy Injection Vulnerability
Browserup Browserup Proxy is a software from Browserup, Inc. that is used to monitor, test, and manipulate the network traffic and performance of web applications. BrowserUp Proxy suffers from an injection vulnerability that can be exploited by an attacker to inject arbitrary Java EL expressions,...