CVE-2024-30264

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-30264

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-30264.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-30264

Related

GHSA-mx2f-9mcr-8j73

Published

2024-04-04T21:15:16Z

Modified

2025-07-02T00:30:26.060836Z

Summary

[none]

Details

Typebot is an open-source chatbot builder. A reflected cross-site scripting (XSS) in the sign-in page of typebot.io prior to version 2.24.0 may allow an attacker to hijack a user's account. The sign-in page takes the redirectPath parameter from the URL. If a user clicks on a link where the redirectPath parameter has a javascript scheme, the attacker that crafted the link may be able to execute arbitrary JavaScript with the privileges of the user. Version 2.24.0 contains a patch for this issue.

References

Affected packages

Git / github.com/baptistearno/typebot.io

Affected ranges

Type: GIT
Repo: https://github.com/baptistearno/typebot.io
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

d0be29e25732c410b561cbc3c5607c3c1d4b6c8e

Affected versions

js-lib-v2.*

js-lib-v2.1.4

js-lib-v2.2.0

js-lib-v2.2.1

js-lib-v2.2.10

js-lib-v2.2.11

js-lib-v2.2.12

js-lib-v2.2.13

js-lib-v2.2.15

js-lib-v2.2.16

js-lib-v2.2.17

js-lib-v2.2.2

js-lib-v2.2.3

js-lib-v2.2.4

js-lib-v2.2.5

js-lib-v2.2.6

js-lib-v2.2.7

js-lib-v2.2.8

js-lib-v2.2.9

js-v0.*

js-v0.0.1

js-v0.0.10

js-v0.0.11

js-v0.0.12

js-v0.0.13

js-v0.0.14

js-v0.0.15

js-v0.0.16

js-v0.0.17

js-v0.0.18

js-v0.0.19

js-v0.0.2

js-v0.0.20

js-v0.0.21

js-v0.0.22

js-v0.0.23

js-v0.0.24

js-v0.0.25

js-v0.0.26

js-v0.0.27

js-v0.0.28

js-v0.0.29

js-v0.0.3

js-v0.0.30

js-v0.0.31

js-v0.0.32

js-v0.0.33

js-v0.0.34

js-v0.0.35

js-v0.0.36

js-v0.0.37

js-v0.0.38

js-v0.0.39

js-v0.0.4

js-v0.0.40

js-v0.0.41

js-v0.0.42

js-v0.0.43

js-v0.0.44

js-v0.0.45

js-v0.0.47

js-v0.0.48

js-v0.0.49

js-v0.0.5

js-v0.0.50

js-v0.0.51

js-v0.0.52

js-v0.0.53

js-v0.0.54

js-v0.0.55

js-v0.0.56

js-v0.0.57

js-v0.0.59

js-v0.0.6

js-v0.0.60

js-v0.0.61

js-v0.0.62

js-v0.0.63

js-v0.0.64

js-v0.0.66

js-v0.0.67

js-v0.0.68

js-v0.0.69

js-v0.0.7

js-v0.0.70

js-v0.0.71

js-v0.0.72

js-v0.0.73

js-v0.0.74

js-v0.0.75

js-v0.0.76

js-v0.0.77

js-v0.0.78

js-v0.0.79

js-v0.0.8

js-v0.0.80

js-v0.0.9

js-v0.1.0

js-v0.1.1

js-v0.1.10

js-v0.1.11

js-v0.1.12

js-v0.1.13

js-v0.1.14

js-v0.1.15

js-v0.1.16

js-v0.1.17

js-v0.1.18

js-v0.1.2

js-v0.1.20

js-v0.1.21

js-v0.1.23

js-v0.1.24

js-v0.1.25

js-v0.1.26

js-v0.1.27

js-v0.1.29

js-v0.1.3

js-v0.1.30

js-v0.1.31

js-v0.1.32

js-v0.1.33

js-v0.1.34

js-v0.1.4

js-v0.1.5

js-v0.1.6

js-v0.1.7

js-v0.1.8

js-v0.2.0

js-v0.2.1

js-v0.2.10

js-v0.2.11

js-v0.2.12

js-v0.2.14

js-v0.2.15

js-v0.2.16

js-v0.2.17

js-v0.2.19

js-v0.2.2

js-v0.2.20

js-v0.2.21

js-v0.2.22

js-v0.2.23

js-v0.2.24

js-v0.2.25

js-v0.2.26

js-v0.2.27

js-v0.2.28

js-v0.2.29

js-v0.2.3

js-v0.2.30

js-v0.2.31

js-v0.2.32

js-v0.2.33

js-v0.2.34

js-v0.2.35

js-v0.2.38

js-v0.2.39

js-v0.2.4

js-v0.2.40

js-v0.2.41

js-v0.2.42

js-v0.2.43

js-v0.2.44

js-v0.2.45

js-v0.2.46

js-v0.2.47

js-v0.2.48

js-v0.2.49

js-v0.2.5

js-v0.2.50

js-v0.2.51

js-v0.2.52

js-v0.2.53

js-v0.2.54

js-v0.2.55

js-v0.2.56

js-v0.2.6

js-v0.2.7

js-v0.2.8

js-v0.2.9

nextjs-v0.*

nextjs-v0.1.0

nextjs-v0.1.10

nextjs-v0.1.11

nextjs-v0.1.12

nextjs-v0.1.13

nextjs-v0.1.14

nextjs-v0.1.15

nextjs-v0.1.16

nextjs-v0.1.17

nextjs-v0.1.18

nextjs-v0.1.2

nextjs-v0.1.20

nextjs-v0.1.21

nextjs-v0.1.23

nextjs-v0.1.24

nextjs-v0.1.25

nextjs-v0.1.26

nextjs-v0.1.27

nextjs-v0.1.29

nextjs-v0.1.3

nextjs-v0.1.30

nextjs-v0.1.31

nextjs-v0.1.32

nextjs-v0.1.33

nextjs-v0.1.34

nextjs-v0.1.4

nextjs-v0.1.5

nextjs-v0.1.6

nextjs-v0.1.7

nextjs-v0.1.8

nextjs-v0.2.0

nextjs-v0.2.1

nextjs-v0.2.10

nextjs-v0.2.11

nextjs-v0.2.12

nextjs-v0.2.14

nextjs-v0.2.15

nextjs-v0.2.16

nextjs-v0.2.17

nextjs-v0.2.19

nextjs-v0.2.2

nextjs-v0.2.20

nextjs-v0.2.21

nextjs-v0.2.22

nextjs-v0.2.23

nextjs-v0.2.24

nextjs-v0.2.25

nextjs-v0.2.26

nextjs-v0.2.27

nextjs-v0.2.28

nextjs-v0.2.29

nextjs-v0.2.3

nextjs-v0.2.30

nextjs-v0.2.31

nextjs-v0.2.33

nextjs-v0.2.34

nextjs-v0.2.35

nextjs-v0.2.38

nextjs-v0.2.39

nextjs-v0.2.4

nextjs-v0.2.40

nextjs-v0.2.41

nextjs-v0.2.42

nextjs-v0.2.43

nextjs-v0.2.44

nextjs-v0.2.45

nextjs-v0.2.46

nextjs-v0.2.47

nextjs-v0.2.48

nextjs-v0.2.49

nextjs-v0.2.5

nextjs-v0.2.50

nextjs-v0.2.51

nextjs-v0.2.52

nextjs-v0.2.53

nextjs-v0.2.54

nextjs-v0.2.55

nextjs-v0.2.56

nextjs-v0.2.6

nextjs-v0.2.7

nextjs-v0.2.8

nextjs-v0.2.9

react-v0.*

react-v0.0.1

react-v0.0.10

react-v0.0.11

react-v0.0.12

react-v0.0.13

react-v0.0.14

react-v0.0.15

react-v0.0.16

react-v0.0.17

react-v0.0.18

react-v0.0.19

react-v0.0.2

react-v0.0.20

react-v0.0.21

react-v0.0.22

react-v0.0.23

react-v0.0.24

react-v0.0.25

react-v0.0.26

react-v0.0.27

react-v0.0.28

react-v0.0.29

react-v0.0.3

react-v0.0.30

react-v0.0.31

react-v0.0.32

react-v0.0.33

react-v0.0.34

react-v0.0.35

react-v0.0.36

react-v0.0.37

react-v0.0.38

react-v0.0.39

react-v0.0.4

react-v0.0.40

react-v0.0.41

react-v0.0.42

react-v0.0.43

react-v0.0.44

react-v0.0.45

react-v0.0.47

react-v0.0.48

react-v0.0.49

react-v0.0.5

react-v0.0.50

react-v0.0.51

react-v0.0.52

react-v0.0.53

react-v0.0.54

react-v0.0.55

react-v0.0.56

react-v0.0.57

react-v0.0.59

react-v0.0.6

react-v0.0.60

react-v0.0.61

react-v0.0.62

react-v0.0.63

react-v0.0.64

react-v0.0.66

react-v0.0.67

react-v0.0.68

react-v0.0.69

react-v0.0.7

react-v0.0.70

react-v0.0.71

react-v0.0.72

react-v0.0.73

react-v0.0.74

react-v0.0.75

react-v0.0.76

react-v0.0.77

react-v0.0.78

react-v0.0.79

react-v0.0.8

react-v0.0.80

react-v0.0.9

react-v0.1.0

react-v0.1.1

react-v0.1.10

react-v0.1.11

react-v0.1.12

react-v0.1.13

react-v0.1.14

react-v0.1.15

react-v0.1.16

react-v0.1.17

react-v0.1.18

react-v0.1.2

react-v0.1.20

react-v0.1.21

react-v0.1.23

react-v0.1.24

react-v0.1.25

react-v0.1.26

react-v0.1.27

react-v0.1.29

react-v0.1.3

react-v0.1.30

react-v0.1.31

react-v0.1.32

react-v0.1.33

react-v0.1.34

react-v0.1.4

react-v0.1.5

react-v0.1.6

react-v0.1.7

react-v0.1.8

react-v0.2.0

react-v0.2.1

react-v0.2.10

react-v0.2.11

react-v0.2.12

react-v0.2.14

react-v0.2.15

react-v0.2.16

react-v0.2.17

react-v0.2.19

react-v0.2.2

react-v0.2.20

react-v0.2.21

react-v0.2.22

react-v0.2.23

react-v0.2.24

react-v0.2.25

react-v0.2.26

react-v0.2.27

react-v0.2.28

react-v0.2.29

react-v0.2.3

react-v0.2.30

react-v0.2.31

react-v0.2.32

react-v0.2.33

react-v0.2.34

react-v0.2.35

react-v0.2.38

react-v0.2.39

react-v0.2.4

react-v0.2.40

react-v0.2.41

react-v0.2.42

react-v0.2.43

react-v0.2.44

react-v0.2.45

react-v0.2.46

react-v0.2.47

react-v0.2.48

react-v0.2.49

react-v0.2.5

react-v0.2.50

react-v0.2.51

react-v0.2.52

react-v0.2.53

react-v0.2.54

react-v0.2.55

react-v0.2.56

react-v0.2.6

react-v0.2.7

react-v0.2.8

react-v0.2.9

v2.*

v2.0.0

v2.1.0

v2.1.1

v2.1.2

v2.10.0

v2.10.1

v2.10.2

v2.10.3

v2.10.4

v2.10.5

v2.11.0

v2.11.1

v2.11.2

v2.11.3

v2.11.4

v2.11.5

v2.11.6

v2.11.7

v2.11.8

v2.11.9

v2.12.0

v2.12.1

v2.12.2

v2.12.3

v2.13.0

v2.13.1

v2.13.2

v2.13.3

v2.13.4

v2.13.5

v2.14.0

v2.14.1

v2.15.0

v2.15.1

v2.15.2

v2.16.0

v2.17.0

v2.17.1

v2.17.2

v2.18.0

v2.18.1

v2.18.2

v2.18.3

v2.18.4

v2.19.0

v2.19.1

v2.2.0

v2.2.1

v2.2.9

v2.20.0

v2.21.0

v2.21.1

v2.21.2

v2.21.3

v2.22.0

v2.23.0

v2.3.0

v2.4.0

v2.5.0

v2.5.1

v2.6.0

v2.6.1

v2.6.2

v2.7.0

v2.7.1

v2.8.0

v2.8.1

v2.8.10

v2.8.11

v2.8.12

v2.8.3

v2.8.5

v2.8.6

v2.8.7

v2.8.8

v2.8.9

v2.9.0

v2.9.1

v2.9.2

v2.9.3

v2.9.4