Budibase Multiple Vulnerabilities
2 rules, 5 TTPs
Multiple vulnerabilities in Budibase could be exploited by an attacker to gain administrative privileges, bypass security measures, perform cross-site scripting attacks, manipulate data, or disclose confidential information.
Budibase Stored XSS Vulnerability via Unrestricted File Upload (CVE-2026-46426)
2 rules, 3 TTPs
Budibase is vulnerable to persistent stored XSS (CVE-2026-46426) due to unrestricted file upload of active content by authenticated users, leading to potential session cookie theft and account takeover.
Budibase Builder-to-Admin Privilege Escalation via Unsecured onboardUsers Endpoint
2 rules, 1 TTP
A privilege escalation vulnerability exists in Budibase's `onboardUsers` endpoint (CVE-2026-45716), allowing a builder-level user to create global admin accounts by bypassing the intended invite flow when SMTP is not configured, due to insufficient authorization checks and direct user creation with attacker-controlled roles.
Budibase Security Bypass Vulnerability
2 rules, 1 TTP
An authenticated remote attacker can exploit a vulnerability in Budibase to bypass security measures and manipulate data.
Budibase REST Datasource SSRF via HTTP Redirect Bypass (CVE-2026-45715)
2 rules, 1 TTP, 3 IOCs
Budibase is vulnerable to server-side request forgery (SSRF) via HTTP redirects in the REST datasource integration, allowing authenticated Builders to bypass IP blacklists and access internal services.
Budibase XSS Leads to Account Takeover via JWT Theft
2 rules, 1 TTP
The `budibase:auth` cookie in Budibase is set without the `httpOnly` flag, enabling attackers with XSS to steal JWTs and gain persistent access to user accounts.