CVE-2026-39970
The CVE covers TypeBot (chatbot builder) ≤ version 3.15.2, where the profile picture upload form fails to sanitize SVG/XML uploads and directly renders them. This enables stored XSS via crafted SVGs containing JavaScript, with payload stored on app.typebot.io and accessible via a permanent link, ...