CNNVD-202601-3828 Information

CNNVD ID

CNNVD-202601-3828

Related CVE

CVE-2025-65098

• CNNVD Published: 2026-01-22

Description (Chinese)

Typebot是Baptiste Arnaud个人开发者的一个开源聊天机器人构建器。 Typebot 3.13.2之前版本存在安全漏洞，该漏洞源于客户端脚本执行且凭据端点返回明文API密钥，可能导致窃取存储的凭据。

Description (English)

Typebot is an open-source chat robot builder for Baptiste Arnaud’s personal developer. There was a security loophole in the pre-Typebot 3.13.2 version, which originated from the execution of the client’s script and the return of the specified API key on the basis of the supporting endpoint, which could lead to the theft of the evidence stored.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-22

Last Modified

2026-02-24

References

https://github.com/baptisteArno/typebot.io/security/advisories/GHSA-4xc5-wfwc-jw47

Patch

https://typebot.io/