Impact
The Twilio integration in Botpress accepts any POST request at its webhook handler without validating the X-Twilio-Signature header, so it cannot distinguish a genuine Twilio callback from a request forged by anyone who knows the webhook URL. The handler then follows the media URLs carried in the request body and downloads them with the integration's Twilio credentials in an HTTP Basic Authorization header (the account SID and Auth Token, Base64-encoded, which is an encoding rather than encryption). An attacker can therefore submit a forged webhook payload whose media URL points at a server they control and capture the victim's Twilio account SID and Auth Token from the inbound request. The result is full compromise of the Twilio account: the attacker can send messages, access phone numbers, and perform any action the credentials are permitted to perform in Twilio.
Affected Systems
The vulnerability applies to installations that run the Botpress open-source framework with the Twilio integration enabled. No specific version range is listed in the advisory, so any Botpress release containing the affected webhook handler must be treated as exposed until it is reviewed and patched. Administrators should verify their Botpress version and apply updates as soon as they become available.
Risk and Exploitability
The CVSS base score is 8.2, indicating a high-severity vulnerability. EPSS data is not available and the issue is not listed in the CISA KEV catalog. Attackers can exploit the flaw remotely and without authentication by sending a crafted POST request to the webhook endpoint from anywhere on the internet; the only prerequisite is knowledge of the webhook URL. Successful exploitation yields the Twilio credentials and with them complete control over the Twilio account, exposing the system to data loss, unauthorized communications, and potential financial loss. Because the exposed secret is the Auth Token itself, operators who suspect exposure should rotate the token in the Twilio console and review the account's usage logs in addition to patching.