CVE-2026-48149 | budibase up to 3.38.x MarkdownViewer.svelte cross site scripting (GHSA-57p7-9h9w-xqpw)

Inserito da Angelo Barbosa | Mag 27, 2026 | CVE

A vulnerability has been found in budibase up to 3.38.x and classified as problematic. This affects an unknown function of the file packages/bbui/src/Markdown/MarkdownViewer.svelte. Performing a manipulation results in cross site scripting.

This vulnerability is known as CVE-2026-48149. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.

CVE-2026-48149 | budibase up to 3.38.x MarkdownViewer.svelte cross site scripting (GHSA-57p7-9h9w-xqpw)

Post correlati

CVE-2023-6397 | Zyxel ATP/USG FLEX RAR File null pointer dereference

CVE-2025-0917 | IBM Cognos Analytics up to 12.0.4 cross site scripting

CVE-2024-14015 | eCommerce Plugin up to 2.9.0 on WordPress cross site scripting

CVE-2024-5853 | Sirv Plugin up to 7.2.6 on WordPress unrestricted upload