GHSA-hqmv-v56g-4m47: Typebot.io has stored XSS via `javascript`: URI in text bubble links — bot author executes JS on visitors' browsers
Summary
Typebot.io has a stored XSS (cross-site scripting, where malicious code is saved and runs when users view it) vulnerability in its chatbot viewer: bot creators can embed `javascript:` URIs as the target of text links. When a visitor clicks such a link, the JavaScript executes in the visitor's browser with access to the cookies and session tokens of the website hosting the bot.
Solution / Mitigation
The source proposes filtering `javascript:` URIs before rendering anchor tags, using this function: `const safeUrl = (url: string) => /^javascript:/i.test(url.trim()) ? '#' : url`, and then rendering the link as `<a href={safeUrl(elementDescendant.url as string)} ...>`. Alternatively, the source recommends using a URL allowlist that only permits the `https:`, `http:`, `mailto:`, and `tel:` schemes.
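As an added example (not Typebot's own code), the following TypeScript places the advisory's regex filter beside an allowlist version built on the WHATWG `URL` parser; `blocklistSafeUrl`, `allowlistSafeUrl` and the `base` parameter are assumed names, and the default `base` value is a placeholder standing in for the page that hosts the bot.

```typescript
// Added example, not Typebot's code: two ways to sanitize an href before rendering.

const SAFE_FALLBACK = "#";
// Allowlist from the advisory's mitigation section (protocol values as the URL parser reports them).
const ALLOWED_PROTOCOLS = new Set(["https:", "http:", "mailto:", "tel:"]);

// Blocklist approach quoted in the advisory: rejects only the `javascript:` scheme.
// Any other non-allowlisted scheme (for example `data:`) passes through untouched.
const blocklistSafeUrl = (url: string): string =>
  /^javascript:/i.test(url.trim()) ? SAFE_FALLBACK : url;

// Allowlist approach: let the URL parser decide what the scheme is, then accept only
// known-safe schemes. The parser lowercases the scheme and strips surrounding
// whitespace the same way a browser does, so the check matches browser behaviour.
// Relative links resolve against `base` (placeholder host) and inherit its scheme.
const allowlistSafeUrl = (
  url: string,
  base: string = "https://example.invalid/",
): string => {
  try {
    const parsed = new URL(url, base);
    return ALLOWED_PROTOCOLS.has(parsed.protocol) ? url : SAFE_FALLBACK;
  } catch (_err) {
    // Unparseable input is never rendered as an href.
    return SAFE_FALLBACK;
  }
};
```

Returning the original `url` rather than `parsed.href` keeps relative links intact; the parse is used only to classify the scheme.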
Vulnerability Details
EPSS: 0.0%
May 26, 2026
Original source: https://github.com/advisories/GHSA-hqmv-v56g-4m47
First tracked: May 26, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 95%