Typebot Rating Block XSS Vulnerability Bypasses Sandbox in Builder Preview

Vulnerability

A stored cross-site scripting vulnerability has been identified in Typebot, a chatbot builder tool, affecting versions through 3.15.2. The issue arises in the RatingButton component of the embed package, where the customIcon.svg field is rendered directly into the DOM using Solid's innerHTML directive, without proper sanitization. This vulnerability allows for the execution of arbitrary HTML and JavaScript in the builder's authenticated context, bypassing the Web Worker sandbox that typically protects Script blocks during preview. As a result, an attacker could hijack a user's session and escalate privileges within the builder application.
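The root cause described above is the familiar pattern of assigning untrusted markup to innerHTML. As an added illustration of the defensive side (this is my own example, not Typebot's code and not the fix shipped in 3.16.0, whose details the advisory does not give), the JavaScript below is a fail-closed validator for a user-supplied customIcon.svg string: it accepts only a small allow-list of presentational SVG elements and attributes, rejects anything else, and lets the renderer fall back to a default icon. The function names validateSvgIcon and iconMarkup, the constant DEFAULT_ICON, the allow-list contents and the sample icons are all assumptions I constructed for the example.

```javascript
// Added example, not Typebot's own code: a fail-closed validator for the
// user-controlled SVG string that the advisory says was assigned straight to
// innerHTML. Instead of trying to "clean" hostile markup (regex cleaning is
// easy to bypass), it accepts only a small allow-listed subset of SVG and
// rejects everything else, so the renderer can fall back to a safe default.
// Production code should additionally run a DOM-based sanitizer (e.g.
// DOMPurify) or avoid innerHTML for untrusted input altogether.

const MAX_ICON_CHARS = 10000;

// Presentational SVG elements only: no <script>, <foreignObject>, <use>,
// <image>, <a>, <set>/<animate> (which can rewrite attributes at runtime).
const ALLOWED_TAGS = new Set([
  "svg", "g", "path", "circle", "ellipse", "rect", "line", "polyline",
  "polygon", "title", "desc", "defs", "lineargradient", "radialgradient", "stop",
]);

// Attributes that carry a URL; only same-document fragment references (#id) pass.
const URL_ATTRS = new Set(["href", "xlink:href"]);

// Constructed fallback icon shown whenever a custom icon fails validation.
const DEFAULT_ICON =
  '<svg viewBox="0 0 24 24"><path d="M12 2l3 7h7l-5 4 2 7-7-4-7 4 2-7-5-4h7z"/></svg>';

const TAG_RE = /<\s*\/?\s*([a-zA-Z][\w:-]*)([^>]*)>/g;
const ATTR_RE = /([^\s=\/"']+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;

function validateSvgIcon(svg) {
  if (typeof svg !== "string" || svg.length > MAX_ICON_CHARS) {
    return { ok: false, reason: "not a string or too large" };
  }
  const src = svg.trim();
  // Comments, CDATA, DOCTYPEs and processing instructions have no place in an
  // icon and are classic places to hide markup from naive filters.
  if (/<!|<\?/.test(src)) {
    return { ok: false, reason: "comment, CDATA, DOCTYPE or PI not allowed" };
  }
  if (!/^<svg[\s>\/]/i.test(src)) {
    return { ok: false, reason: "root element must be <svg>" };
  }
  TAG_RE.lastIndex = 0;
  let tag;
  while ((tag = TAG_RE.exec(src)) !== null) {
    const name = tag[1].toLowerCase();
    if (!ALLOWED_TAGS.has(name)) {
      return { ok: false, reason: `element <${name}> not allowed` };
    }
    const attrText = tag[2].replace(/\/\s*$/, ""); // drop self-closing slash
    ATTR_RE.lastIndex = 0;
    let attr;
    while ((attr = ATTR_RE.exec(attrText)) !== null) {
      const aname = attr[1].toLowerCase();
      const value = attr[2] ?? attr[3] ?? attr[4] ?? "";
      if (!/^[a-z][\w:-]*$/.test(aname)) {
        return { ok: false, reason: `malformed attribute name ${attr[1]}` };
      }
      if (aname.startsWith("on")) {
        return { ok: false, reason: `event handler attribute ${aname} not allowed` };
      }
      if (aname === "style") {
        return { ok: false, reason: "inline style not allowed" };
      }
      if (/[<>&]/.test(value)) {
        return { ok: false, reason: `markup characters in attribute ${aname}` };
      }
      if (URL_ATTRS.has(aname) && !value.startsWith("#")) {
        return { ok: false, reason: `non-fragment URL in ${aname}` };
      }
    }
  }
  // Whatever remains after removing well-formed tags must be plain text; a
  // stray '<' or '>' means something the tag pattern did not understand.
  if (/[<>]/.test(src.replace(TAG_RE, ""))) {
    return { ok: false, reason: "malformed markup" };
  }
  return { ok: true, reason: "" };
}

// What the rendering side would hand to innerHTML: the validated icon, or the
// default icon when validation fails. The rejection reason goes to a logger so
// defenders can see bad icons in the builder's telemetry.
function iconMarkup(customSvg, log = () => {}) {
  const verdict = validateSvgIcon(customSvg);
  if (!verdict.ok) {
    log(`custom icon rejected: ${verdict.reason}`);
    return DEFAULT_ICON;
  }
  return customSvg.trim();
}
```

The design choice worth noting is rejection rather than repair: a validator that refuses anything outside a small allow-list has far fewer bypass opportunities than one that tries to strip dangerous parts out of arbitrary markup, and falling back to a default icon costs the user nothing but a missing custom glyph.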

Impact

Exploitation of this vulnerability allows for session hijacking and privilege escalation within the Typebot builder application. The attacker can access the victim's session cookies and authentication tokens, with full rights to modify bots and workspace settings.

Reproduction

To reproduce this vulnerability, import a typebot that includes a rating block with a custom icon payload. The payload should be crafted to include malicious JavaScript, such as an image tag with an onerror event that exfiltrates cookies via a fetch request. Once the typebot is imported, previewing it in the builder will trigger the execution of the malicious script, demonstrating the cross-site scripting vulnerability.

Remediation

Users can update to Typebot version 3.16.0 or later, where this vulnerability has been fixed.

Added: May 26, 2026, 3:31 PM
Updated: May 26, 2026, 3:31 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.7
exploitability: 6.6
remediation: 0.0
relevance: 9.1
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.