Lucene search
K

9 matches found

CNNVD
CNNVD
added 2026/05/21 12:0 a.m.10 views

WordPress plugin GSheet For Woo Importer 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.8AI score0.00192EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/23 3:21 p.m.9 views

CVE-2025-65098

Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI key...

7.4CVSS5.6AI score0.003EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/01/22 6:2 p.m.14 views

Typebot affected by Credential Theft via Client-Side Script Execution and API Authorization Bypass

Summary Client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI keys, Google Sheets tokens, and SMTP passwords. The...

7.4CVSS6AI score0.003EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/01/22 3:16 p.m.8 views

CVE-2025-65098

Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI key...

7.4CVSS0.003EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/22 2:59 p.m.7 views

CVE-2025-65098 Typebot Vulnerable to Credential Theft via Client-Side Script Execution and API Authorization Bypass

Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI key...

7.4CVSS5.6AI score0.003EPSS
Exploits1References1
CVE
CVE
added 2026/01/22 2:59 p.m.14 views

CVE-2025-65098

CVE-2025-65098 affects Typebot (open-source chatbot builder) in versions before 3.13.2. A client-side script executed when a victim previews a malicious typebot can exfiltrate stored credentials (e.g., OpenAI keys, Google Sheets tokens, SMTP passwords) via the API endpoint /api/trpc/credentials.g...

7.4CVSS5.6AI score0.003EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/22 2:59 p.m.3 views

CVE-2025-65098

Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI key...

7.4CVSS5.6AI score0.003EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/01/22 2:59 p.m.9 views

CVE-2025-65098 Typebot Vulnerable to Credential Theft via Client-Side Script Execution and API Authorization Bypass

Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI key...

7.4CVSS5.7AI score0.003EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.12 views

PT-2026-3944

Name of the Vulnerable Software and Affected Versions Typebot versions prior to 3.13.2 Description Typebot, an open-source chatbot builder, has a flaw where client-side script execution can lead to the theft of stored credentials from any user. When a victim previews a malicious typebot by clicki...

7.4CVSS6.1AI score0.003EPSS
Exploits1References13
Rows per page
Query Builder