Description
TypeBot is a chatbot builder tool. Versions 3.15.2 and prior contain a critical stored XSS vulnerability in the app.typebot.io profile picture upload form. The application fails to sanitize or restrict SVG/XML-based uploads and directly renders them when accessed through the domain. By uploading a crafted malicious SVG file containing embedded JavaScript, an attacker can execute arbitrary JavaScript code. This vulnerability directly enables stored XSS exploitation because the payload is persistently stored on the vendor's infrastructure (app.typebot.io) and accessible from a public-facing, permanent link. Stored XSS via malicious SVG uploads to app.typebot.io allows attackers to execute arbitrary JavaScript in victims' browsers, enabling session/token theft, account takeover, and exfiltration of sensitive user data. This issue has been fixed in version 3.16.0.
Published: 2026-05-22
Score: 8.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A malicious SVG file can be uploaded through the profile picture form and is stored without proper sanitization. The stored file is rendered publicly by the application, allowing the embedded JavaScript to run in the browser of any user who visits the link. This capability can lead to session or token theft, account takeover, and exfiltration of sensitive data.

Affected Systems

Versions 3.15.2 and earlier of TypeBot from baptisteArno/typebot.io are affected. The vulnerability is fixed in version 3.16.0.

Risk and Exploitability

The CVSS score of 8.5 indicates a high severity risk. No EPSS score is available, but the stored nature of the flaw makes exploitation likely for attackers who can upload files. The vulnerability is not listed in the CISA KEV catalog. Successful exploitation requires uploading a crafted SVG file through the profile picture interface, after which the payload remains permanently accessible via a public link.

Generated by OpenCVE AI on May 22, 2026 at 19:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade TypeBot to version 3.16.0 or later.
  • If an immediate upgrade is not possible, disable the profile picture upload feature or configure the server to reject .svg and XML files entirely.
  • Implement strict MIME type validation on the server and sanitize or remove SVG and XML content before storage to prevent similar XSS attacks.
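As an added example (not Typebot's own code, and not a description of how the 3.16.0 fix is implemented), the following Node/JavaScript upload gate applies the last two recommendations: it allowlists raster extensions and declared MIME types, verifies the real file signature, refuses anything whose leading bytes look like SVG/XML/HTML markup even when renamed, and pins the serving headers so stored content is never interpreted as a document. The function names, the allowlist and the sample bytes are assumptions constructed for this example.

```javascript
// Added example (not Typebot's own code): a server-side gate for an avatar upload
// endpoint, in the spirit of the recommended actions above. Function names, the
// allowlist and the sample bytes are constructed for this example.

// Raster formats accepted as avatars, keyed by lower-case file extension. SVG is
// deliberately absent: it is XML that may carry script, so it never qualifies.
const ALLOWED_RASTER = new Map([
  ["png", "image/png"],
  ["jpg", "image/jpeg"],
  ["jpeg", "image/jpeg"],
  ["gif", "image/gif"],
  ["webp", "image/webp"],
]);

// Identify the real format from its leading bytes instead of trusting the
// client-supplied Content-Type or file name.
function sniffImageMime(bytes) {
  const at = (offset, sig) => sig.every((b, i) => bytes[offset + i] === b);
  if (at(0, [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a])) return "image/png";
  if (at(0, [0xff, 0xd8, 0xff])) return "image/jpeg";
  if (at(0, [0x47, 0x49, 0x46, 0x38])) return "image/gif"; // "GIF8"
  if (at(0, [0x52, 0x49, 0x46, 0x46]) && at(8, [0x57, 0x45, 0x42, 0x50])) return "image/webp"; // "RIFF....WEBP"
  return null;
}

// Text-based formats (SVG, XML, HTML) are exactly what a browser renders as a
// document. Refuse anything whose head looks like markup, whatever the extension
// or declared type claims, so a renamed SVG cannot slip through.
function looksLikeMarkup(bytes) {
  // Decode the first 512 bytes one-to-one (latin1 style) so a UTF-8 BOM
  // (EF BB BF) and leading whitespace can be stripped before inspection.
  const head = String.fromCharCode(...bytes.subarray(0, 512));
  const text = head.replace(/^\u00ef\u00bb\u00bf/, "").trimStart();
  return text.startsWith("<") || /<\s*(\?xml|svg|!doctype|html|script)/i.test(text);
}

// Returns { ok: true, mime } for an acceptable upload, otherwise { ok: false, reason }.
function validateAvatarUpload(filename, declaredMime, bytes) {
  const ext = filename.toLowerCase().split(".").pop();
  const expected = ALLOWED_RASTER.get(ext);
  if (!expected) return { ok: false, reason: `extension .${ext} is not an allowed raster image` };
  if (declaredMime.toLowerCase() !== expected) return { ok: false, reason: `declared ${declaredMime} does not match .${ext}` };
  if (looksLikeMarkup(bytes)) return { ok: false, reason: "content is markup, not a raster image" };
  const sniffed = sniffImageMime(bytes);
  if (sniffed !== expected) return { ok: false, reason: `signature says ${sniffed || "unknown"}, expected ${expected}` };
  return { ok: true, mime: sniffed };
}

// Defence in depth when serving stored uploads: pin the type, forbid the browser
// from sniffing a different one, and sandbox the response so even a mis-stored
// document cannot run script in the serving origin.
function uploadResponseHeaders(mime) {
  return {
    "Content-Type": mime,
    "X-Content-Type-Options": "nosniff",
    "Content-Security-Policy": "default-src 'none'; sandbox",
  };
}

// Constructed samples: the PNG signature followed by the start of an IHDR chunk,
// and a harmless one-rectangle SVG.
const SAMPLE_PNG = Uint8Array.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 0x0d, 0x49, 0x48, 0x44, 0x52]);
const SAMPLE_SVG = Uint8Array.from('<svg xmlns="http://www.w3.org/2000/svg"><rect width="1" height="1"/></svg>', (c) => c.charCodeAt(0));

console.log(validateAvatarUpload("avatar.png", "image/png", SAMPLE_PNG));     // accepted
console.log(validateAvatarUpload("avatar.svg", "image/svg+xml", SAMPLE_SVG)); // rejected: extension
console.log(validateAvatarUpload("avatar.png", "image/png", SAMPLE_SVG));     // rejected: markup content
console.log(uploadResponseHeaders("image/png"));
```

The gate rejects SVG outright, which is the second recommendation above; if a product must accept SVG avatars, the safe pattern is a dedicated SVG sanitizer plus serving the file from a separate origin with `Content-Disposition: attachment`, so that a surviving script never runs in the application's origin.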

Advisories

No advisories yet.

History

Fri, 22 May 2026 20:15:00 +0000

Type: Metrics (ssvc)
Values removed: none
Values added: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 22 May 2026 18:45:00 +0000

Values removed: none
Values added:
Description: TypeBot is a chatbot builder tool. Versions 3.15.2 and prior contain a critical stored XSS vulnerability in the app.typebot.io profile picture upload form. The application fails to sanitize or restrict SVG/XML-based uploads and directly renders them when accessed through the domain. By uploading a crafted malicious SVG file containing embedded JavaScript, an attacker will execute arbitrary JavaScript code. This vulnerability directly enables stored XSS exploitation because the payload is persistently stored on your infrastructure (app.typebot.io) and accessible from a public-facing, permanent link. Stored XSS via malicious SVG uploads to app.typebot.io allows attackers to execute arbitrary JavaScript in victims' browsers, enabling session/token theft, account takeover, and exfiltration of sensitive user data. This issue has been fixed in version 3.16.0.
Title: TypeBot: Stored Cross-Site Scripting (XSS) via SVG File Upload On Profile Picture Form
Weaknesses: CWE-79
References:
Metrics (cvssV4_0): {'score': 8.5, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-22T20:09:23.783Z

Reserved: 2026-04-08T00:01:47.627Z

Link: CVE-2026-39970

Vulnrichment

Updated: 2026-05-22T20:09:09.732Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-22T19:30:44Z

Weaknesses