Tag
A stored cross-site scripting (XSS) vulnerability in Budibase versions prior to 3.32.5 allows authenticated users with Builder access to inject malicious HTML payloads into entity names, leading to potential session cookie theft and account takeover when other Builder users open the Command Palette.