CVE-2025-65098 | baptisteArno typebot.io up to 3.13.1 credentials.getCredentials cross site scripting

Inserito da Angelo Barbosa | Gen 22, 2026 | CVE

A vulnerability described as problematic has been identified in baptisteArno typebot.io up to 3.13.1. The affected element is an unknown function of the file /api/trpc/credentials.getCredentials. Such manipulation leads to cross site scripting.

This vulnerability is documented as CVE-2025-65098. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2025-65098 | baptisteArno typebot.io up to 3.13.1 credentials.getCredentials cross site scripting

Post correlati

CVE-2024-28848 | open-metadata OpenMetadata up to 1.2.3 validateExpression code injection

CVE-2025-57788 | Commvault CommCell up to 11.32.101/11.36.59 API Call hard-coded password

CVE-2025-1441 | wproyal Royal Elementor Addons and Templates Plugin up to 1.7.1007 on WordPress wpr_filter_woo_products cross-site request forgery

CVE-2025-15447 | Seeyon Zhiyuan OA Web Application System up to 20251223 assetsService.j%73p unitCode sql injection