TypeBot Authorization Bypass Vulnerability in getLinkedTypebots API Endpoint

Vulnerability

An authorization bypass vulnerability has been identified in TypeBot versions through 3.15.2. The issue lies in the getLinkedTypebots API endpoint, which returns complete bot definitions to any authenticated user who references a target bot ID in a Typebot Link block, regardless of workspace ownership. The root cause is an authorization check implemented with Array.filter() and an async callback. Because filter() runs synchronously, the async callback returns a Promise object rather than a boolean; a Promise is always truthy, so the access control predicate is never actually evaluated and every bot passes the check. As a result, any authenticated TypeBot user can read the full definitions of private bots from other workspaces, including sensitive content such as variable values (credentials, API keys, PII), conversation blocks, logic flows, webhook URLs, and integration configurations.
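The filter() pitfall described above, shown as an added example that is not TypeBot's own code: a constructed workspace-membership check, the buggy async-callback filter beside a corrected version that resolves every predicate before filtering. The sample data and the names isMemberOfWorkspace, visibleBotsBuggy and visibleBotsFixed are assumptions for illustration only.

```javascript
// Constructed sample data; not TypeBot's real data model.
const bots = [
  { id: "bot-a", workspaceId: "ws-1" },
  { id: "bot-b", workspaceId: "ws-2" },
];
const memberships = { "user-1": new Set(["ws-1"]) };

// Hypothetical async membership check standing in for a database lookup.
async function isMemberOfWorkspace(userId, workspaceId) {
  return memberships[userId]?.has(workspaceId) ?? false;
}

// Buggy pattern: Array.prototype.filter() is synchronous, so an async callback
// returns a Promise object, which is always truthy. The resolved boolean is
// never consulted, and every bot passes the "authorization" check.
function visibleBotsBuggy(userId) {
  return bots.filter(async (bot) => await isMemberOfWorkspace(userId, bot.workspaceId));
}

// Corrected pattern: resolve all predicates first, then filter on the booleans.
async function visibleBotsFixed(userId) {
  const allowed = await Promise.all(
    bots.map((bot) => isMemberOfWorkspace(userId, bot.workspaceId))
  );
  return bots.filter((_, i) => allowed[i]);
}

// Stand-alone demo: the buggy list leaks bot-b to a user who is not in ws-2.
(async () => {
  console.log("buggy:", visibleBotsBuggy("user-1").map((b) => b.id)); // ["bot-a", "bot-b"]
  console.log("fixed:", (await visibleBotsFixed("user-1")).map((b) => b.id)); // ["bot-a"]
})();
```

The same trap applies to some(), every() and find(): none of them await their callback, so a code review or lint rule that flags `.filter(async` and friends catches this whole class before it reaches an authorization path.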

Impact

Exploitation of this vulnerability allows for unauthorized access to private bot definitions across workspaces, including sensitive variable values, conversation logic, and integration details.

Reproduction

To reproduce this vulnerability, an authenticated user can create a Typebot Link block that references a private bot ID from a different workspace. When the getLinkedTypebots API is called with this reference, the full bot definition is returned, including sensitive information, despite the lack of proper authorization.

Remediation

Users can update to TypeBot version 3.16.0 or later, where this vulnerability has been fixed.

Added: May 26, 2026, 3:11 PM
Updated: May 26, 2026, 3:11 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 2.5
exploitability: 6.4
remediation: 7.7
relevance: 9.1
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.