{"uuid": "79f4e9af-11b9-4be1-ab51-61cf0b7d56bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48768", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3monjhbwh4p2c", "content": "CVE-2026-48768 - Critical XSS in Typebot. Unauthenticated file upload to arbitrary S3 paths. Malicious HTML/SVG/JS can be injected into other tenants' results. CVSS 9.3. No patch available. Disable file input blocks immediately. #CVE #Typeb...\n\nhttps://www.valtersit.com/cve/CVE-2026-48768/", "creation_timestamp": "2026-06-19T14:10:24.329546Z"}