Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 1:32 p.m.22 views

CVE-2020-26282

BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it is especially useful when embedded in Selenium tests. A Server-Side Template Injection was...

10CVSS7.7AI score0.04629EPSS
Exploits1
Circl
Circl
added 2020/12/25 12:55 a.m.8 views

CVE-2020-26282

creationtimestamp| type| source ---|---|--- 2020-12-25 00:55:13+00:00| seen| https://t.me/cibsecurity/21295...

10CVSS8.7AI score0.04629EPSS
Exploits1References1
OSV
OSV
added 2020/12/24 8:49 p.m.24 views

GHSA-WMFG-55F9-J8HQ Server-Side Template Injection

Impact A Server-Side Template Injection was identified in BrowserUp Proxy enabling attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code Execution RCE vulnerability. This has been assigned CVE-2020-26282. Patches Effective Immediately, all users should upgrade ...

10CVSS9.9AI score0.04629EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2020/12/24 8:49 p.m.89 views

Server-Side Template Injection

Impact A Server-Side Template Injection was identified in BrowserUp Proxy enabling attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code Execution RCE vulnerability. This has been assigned CVE-2020-26282. Patches Effective Immediately, all users should upgrade ...

10CVSS9.9AI score0.04629EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2020/12/24 8:45 p.m.50 views

CVE-2020-26282 Template Injection in BrowserUp Proxy

BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it is especially useful when embedded in Selenium tests. A Server-Side Template Injection was...

10CVSS9.9AI score0.04629EPSS
Exploits1References4
CVE
CVE
added 2020/12/24 8:45 p.m.90 views

CVE-2020-26282

CVE-2020-26282 affects BrowserUp Proxy. A Server-Side Template Injection allows attackers to inject arbitrary Java EL expressions, enabling unauthenticated Remote Code Execution. This vulnerability is fixed in version 2.1.2; affected deployments should upgrade to 2.1.2+ to mitigate. The issue ari...

10CVSS9.8AI score0.04629EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder