CVE-2020-26282

Source
https://cve.org/CVERecord?id=CVE-2020-26282
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-26282.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-26282
Aliases
Related
Published
2020-12-24T21:15:12.727Z
Modified
2026-04-11T11:23:28.770385Z
Severity
  • 10.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
[none]
Details

BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it is especially useful when embedded in Selenium tests. A Server-Side Template Injection vulnerability was identified in BrowserUp Proxy that enables attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code Execution (RCE). This has been patched in version 2.1.2.

References

Affected packages

Git / github.com/browserup/browserup-proxy

Affected ranges

Type
GIT
Repo
https://github.com/browserup/browserup-proxy
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.1.2"
        }
    ]
}

Affected versions

v1.*
v1.0.0
v1.1.0
v1.2.0
v2.*
v2.0.0
v2.0.1
v2.1.0
v2.1.1

Database specific

vanir_signatures_modified
"2026-04-11T11:23:28Z"
vanir_signatures
[
    {
        "id": "CVE-2020-26282-07913308",
        "target": {
            "file": "browserup-proxy-rest/src/main/java/com/browserup/bup/rest/validation/NotBlankConstraint.java"
        },
        "deprecated": false,
        "digest": {
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://github.com/browserup/browserup-proxy/commit/4b38e7a3e20917e5c3329d0d4e9590bed9d578ab",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2020-26282-0b68df8a",
        "target": {
            "file": "browserup-proxy-rest/src/main/java/com/browserup/bup/rest/validation/NotBlankConstraint.java",
            "function": "isValid"
        },
        "deprecated": false,
        "digest": {
            "function_hash": "17772521804178216152255365000674722619",
            "length": 306.0
        },
        "signature_type": "Function",
        "source": "https://github.com/browserup/browserup-proxy/commit/4b38e7a3e20917e5c3329d0d4e9590bed9d578ab",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2020-26282-0e7b44ab",
        "target": {
            "file": "browserup-proxy-rest/src/main/java/com/browserup/bup/rest/validation/PatternConstraint.java"
        },
        "deprecated": false,
        "digest": {
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://github.com/browserup/browserup-proxy/commit/4b38e7a3e20917e5c3329d0d4e9590bed9d578ab",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2020-26282-1cf49787",
        "target": {
            "file": "browserup-proxy-rest/src/main/java/com/browserup/bup/rest/validation/PortWithExistingProxyConstraint.java"
        },
        "deprecated": false,
        "digest": {
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://github.com/browserup/browserup-proxy/commit/4b38e7a3e20917e5c3329d0d4e9590bed9d578ab",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2020-26282-8f5456e6",
        "target": {
            "file": "browserup-proxy-rest/src/main/java/com/browserup/bup/rest/validation/PortWithExistingProxyConstraint.java",
            "function": "isValid"
        },
        "deprecated": false,
        "digest": {
            "function_hash": "280699412566424902469929154518623209741",
            "length": 312.0
        },
        "signature_type": "Function",
        "source": "https://github.com/browserup/browserup-proxy/commit/4b38e7a3e20917e5c3329d0d4e9590bed9d578ab",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2020-26282-ab553746",
        "target": {
            "file": "browserup-proxy-rest/src/main/java/com/browserup/bup/rest/validation/LongPositiveConstraint.java",
            "function": "isValid"
        },
        "deprecated": false,
        "digest": {
            "function_hash": "177640734559221422993153003403500065479",
            "length": 498.0
        },
        "signature_type": "Function",
        "source": "https://github.com/browserup/browserup-proxy/commit/4b38e7a3e20917e5c3329d0d4e9590bed9d578ab",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2020-26282-b8488169",
        "target": {
            "file": "browserup-proxy-rest/src/main/java/com/browserup/bup/rest/validation/PatternConstraint.java",
            "function": "isValid"
        },
        "deprecated": false,
        "digest": {
            "function_hash": "58806768861433164854656764532029647503",
            "length": 354.0
        },
        "signature_type": "Function",
        "source": "https://github.com/browserup/browserup-proxy/commit/4b38e7a3e20917e5c3329d0d4e9590bed9d578ab",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2020-26282-b84c28e0",
        "target": {
            "file": "browserup-proxy-rest/src/main/java/com/browserup/bup/rest/validation/LongPositiveConstraint.java"
        },
        "deprecated": false,
        "digest": {
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://github.com/browserup/browserup-proxy/commit/4b38e7a3e20917e5c3329d0d4e9590bed9d578ab",
        "signature_version": "v1"
    }
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-26282.json"