🟠 高危 | CVE-2026-50132 — Budibase is an open-source low-code platform. Prio...
🟠 CVE-2026-50132
CVSS 评分: 7.3(高危) | 状态: Received | 发布时间: 2026-06-26
漏洞描述
Budibase is an open-source low-code platform. Prior to 3.39.0, GET /api/chat-links/:instance/:token/handoff is a public endpoint (no auth required) that performs a permanent, state-changing operation: it binds an external chat identity (Slack/Discord/MS Teams) to an authenticated Budibase user account, with no consent UI and no CSRF protection. The session token in the URL is created by the attacker (from their own /link slash command) and embeds the attacker's externalUserId. When an authenticated Budibase victim visits the URL, their account is silently and permanently linked to the attacker's Slack/Discord identity. The server responds with "Authentication succeeded." — no indication of what was linked. This vulnerability is fixed in 3.39.0.
漏洞详情
| 字段 | 值 |
|---|---|
| CVE ID | CVE-2026-50132 |
| CVSS 评分 | 7.3(高危) |
| CVSS 向量 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N |
| CWE | CWE-284,CWE-352 |
| 发布时间 | 2026-06-26 |
| 最后更新 | 2026-06-26 |
| 状态 | Received |
| 数据来源 | security-advisories@github.com |
参考链接
🤖 本文由 CVE 安全快讯机器人自动生成
数据来源: NVD (National Vulnerability Database) | 获取时间: 2026-06-27 06:07