Browse all 3 CVE security advisories affecting builderio. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Builderio is a web development platform focused on visual creation tools for building applications. Historically, their products have been susceptible to cross-site scripting (XSS) and remote code execution (RCE) vulnerabilities, often stemming from improper input validation and insecure deserialization. The platform's modular architecture has occasionally led to privilege escalation issues where users could access unintended functionalities. While no major public security incidents have been widely reported, the three CVEs on record highlight persistent concerns around sanitization and component isolation. Their security posture appears reactive rather than preventive, with patches typically released only after vulnerabilities are disclosed.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-2307 | Cross-Site Request Forgery (CSRF) in builderio/qwik — builderio/qwikCWE-352 | 4.7 | Medium | 2023-04-26 |
| CVE-2023-1283 | Code Injection in builderio/qwik — builderio/qwikCWE-94 | 10.0 | Critical | 2023-03-08 |
| CVE-2023-0410 | Cross-site Scripting (XSS) - Generic in builderio/qwik — builderio/qwikCWE-79 | 6.1 | - | 2023-01-20 |
This page lists every published CVE security advisory associated with builderio. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.