GHSA-6m7c-xfhp-p9fh: Typebot has Stored XSS via Rating Block Custom Icon that Bypasses isUnsafe Sandbox in Builder Preview
Severity: High · Tags: vulnerability, security
Summary
Typebot has a stored XSS (cross-site scripting, where attacker-controlled markup or script is persisted and later rendered in a web page) vulnerability in the custom icon feature of its rating block. An attacker who crafts a malicious typebot can have arbitrary HTML and JavaScript execute in the builder's preview, potentially leading to session hijacking and unauthorized access to the builder application. The payload bypasses the isUnsafe sandbox protection that normally prevents untrusted code from running in the builder.
Vulnerability Details
EPSS (30-day exploit probability): 0.0%
Patch Available: Yes
Disclosure Date: May 26, 2026
Classification: Attack Sophistication: Trivial
Affected Packages: @typebot.io/js < 0.10.1 (fixed: 0.10.1)
Original source: https://github.com/advisories/GHSA-6m7c-xfhp-p9fh
First tracked: May 26, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 95%