VYPR
Unrated severity · NVD Advisory · Published Jun 17, 2026

TypeBot: Cross-Workspace Theme Template IDOR (Modification and Deletion)

CVE-2026-48759

Description

TypeBot is a chatbot builder tool. Versions 3.15.2 and below have an Insecure Direct Object Reference vulnerability through cross-workspace Theme Template modification and deletion. The handleSaveThemeTemplate and handleDeleteThemeTemplate handlers validate that the authenticated user is a non-guest member of the provided workspaceId, but then operate on themeTemplateId via Prisma queries that do NOT include workspaceId in the WHERE clause. This allows any authenticated user to modify or delete theme templates belonging to any other workspace and may expose Template IDs via shared typebots or network traffic. This issue has been fixed in version 3.16.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability mechanics

Root cause

"The handleSaveThemeTemplate and handleDeleteThemeTemplate handlers validate workspace membership but then perform Prisma queries that only filter by themeTemplateId, omitting workspaceId from the WHERE clause, enabling cross-workspace IDOR."

Attack vector

An authenticated attacker who is a non-guest member of their own workspace (Workspace-A) can obtain a themeTemplateId from a victim's workspace (Workspace-B) — for example, via shared typebots or network traffic. The attacker then calls the save or delete endpoint with their own workspaceId (which passes the membership check) and the victim's themeTemplateId. Because the Prisma queries in handleSaveThemeTemplate and handleDeleteThemeTemplate only filter by id and omit workspaceId, the operation succeeds on the victim's template. This allows any authenticated user to modify or delete theme templates belonging to any other workspace [ref_id=1].

What the fix does

The advisory recommends adding workspaceId to the Prisma WHERE clauses so that the template operation is scoped to the workspace the attacker is authorized for. For deletion, the fix uses deleteMany with a compound WHERE clause (id, workspaceId). For save/update, the fix first checks that the template belongs to the workspace via findFirst before performing the upsert. This ensures that even if an attacker passes a valid workspaceId and a victim's templateId, the query will not match the victim's template because the workspaceId does not match [ref_id=1].
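The unscoped query shape from the attack vector section and the workspace-scoped fix described here, as an added example that is not TypeBot's own code: an in-memory stand-in for the Prisma themeTemplate model imitates the `findFirst`, `deleteMany` and `upsert` calls the fix relies on, and the `memberships` table, the user and workspace names, and the create-versus-update branching in the save path are assumptions made for the example. The scenario from the advisory (a member of one workspace passing their own workspaceId with another workspace's themeTemplateId) deletes the foreign row under the unscoped query and matches nothing under the scoped one.

```typescript
// Added example, not TypeBot's code. An in-memory stand-in for the Prisma
// themeTemplate model shows why a delete keyed on id alone is an IDOR and how
// adding workspaceId to the WHERE clause (the fix in 3.16.0) closes it.

type ThemeTemplate = { id: string; workspaceId: string; name: string };
type Where = Partial<ThemeTemplate>;

// Minimal imitation of the Prisma Client calls the fix relies on. As in Prisma,
// every field supplied in `where` must match (AND semantics).
class ThemeTemplateTable {
  private rows: ThemeTemplate[];
  constructor(seed: ThemeTemplate[]) {
    this.rows = seed.map((r) => ({ ...r }));
  }
  private matches(row: ThemeTemplate, where: Where): boolean {
    return (Object.keys(where) as (keyof ThemeTemplate)[]).every((k) => row[k] === where[k]);
  }
  findFirst(where: Where): ThemeTemplate | null {
    return this.rows.find((r) => this.matches(r, where)) ?? null;
  }
  // deleteMany returns { count }; a compound where naming the wrong workspaceId
  // simply matches zero rows instead of throwing.
  deleteMany(where: Where): { count: number } {
    const before = this.rows.length;
    this.rows = this.rows.filter((r) => !this.matches(r, where));
    return { count: before - this.rows.length };
  }
  // upsert keyed on id: update the row if it exists, otherwise create it.
  upsert(id: string, data: Omit<ThemeTemplate, 'id'>): ThemeTemplate {
    const row = this.rows.find((r) => r.id === id);
    if (row) {
      Object.assign(row, data);
      return { ...row };
    }
    const created = { id, ...data };
    this.rows.push(created);
    return { ...created };
  }
}

// Constructed membership table (assumed shape). The page says this check is
// already correct: the caller must be a non-guest member of the workspaceId passed.
const memberships: Record<string, { workspaceId: string; role: 'ADMIN' | 'MEMBER' | 'GUEST' }[]> = {
  alice: [{ workspaceId: 'ws-A', role: 'ADMIN' }],
  bob: [{ workspaceId: 'ws-B', role: 'ADMIN' }],
};

function assertNonGuestMember(userId: string, workspaceId: string): void {
  const ok = (memberships[userId] ?? []).some((m) => m.workspaceId === workspaceId && m.role !== 'GUEST');
  if (!ok) throw new Error('FORBIDDEN: not a non-guest member of this workspace');
}

// Vulnerable shape (3.15.2 and below): membership is checked, but the data
// query is keyed on themeTemplateId alone, so workspaceId never reaches the WHERE.
function deleteThemeTemplateUnscoped(db: ThemeTemplateTable, userId: string, workspaceId: string, themeTemplateId: string): number {
  assertNonGuestMember(userId, workspaceId);
  return db.deleteMany({ id: themeTemplateId }).count;
}

// Fixed shape: the WHERE clause carries the workspaceId the caller was authorised for.
function deleteThemeTemplateScoped(db: ThemeTemplateTable, userId: string, workspaceId: string, themeTemplateId: string): number {
  assertNonGuestMember(userId, workspaceId);
  return db.deleteMany({ id: themeTemplateId, workspaceId }).count;
}

// Fixed save path: findFirst confirms the template sits in the caller's workspace
// before the upsert. Creating a template whose id exists nowhere yet is an
// assumption about how a brand-new template would be handled.
function saveThemeTemplateScoped(db: ThemeTemplateTable, userId: string, workspaceId: string, themeTemplateId: string, name: string): ThemeTemplate {
  assertNonGuestMember(userId, workspaceId);
  const owned = db.findFirst({ id: themeTemplateId, workspaceId });
  if (!owned && db.findFirst({ id: themeTemplateId })) {
    throw new Error('FORBIDDEN: theme template belongs to another workspace');
  }
  return db.upsert(themeTemplateId, { workspaceId, name });
}

// Constructed sample data: one template in each of two workspaces.
function seedDb(): ThemeTemplateTable {
  return new ThemeTemplateTable([
    { id: 'tpl-1', workspaceId: 'ws-A', name: 'A default' },
    { id: 'tpl-2', workspaceId: 'ws-B', name: 'B default' },
  ]);
}

// The advisory's scenario: alice (member of ws-A only) sends her own
// workspaceId together with ws-B's template id.
function demo(): { unscopedDeleted: number; scopedDeleted: number; scopedSaveRejected: boolean; ownDeleted: number } {
  const unscopedDeleted = deleteThemeTemplateUnscoped(seedDb(), 'alice', 'ws-A', 'tpl-2'); // 1: ws-B's row is gone
  const db = seedDb();
  const scopedDeleted = deleteThemeTemplateScoped(db, 'alice', 'ws-A', 'tpl-2'); // 0: no row matches both fields
  let scopedSaveRejected = false;
  try {
    saveThemeTemplateScoped(db, 'alice', 'ws-A', 'tpl-2', 'renamed');
  } catch {
    scopedSaveRejected = true;
  }
  const ownDeleted = deleteThemeTemplateScoped(db, 'alice', 'ws-A', 'tpl-1'); // 1: legitimate delete still works
  return { unscopedDeleted, scopedDeleted, scopedSaveRejected, ownDeleted };
}

console.log(demo());
```

The point to carry over to a real Prisma handler is that the authorization decision (membership in `workspaceId`) and the data access must agree on the same row: a compound `where: { id, workspaceId }` on `deleteMany`, and a `findFirst` on the same pair before an `upsert`, makes a mismatched workspaceId resolve to "no such row" rather than to a write against another tenant's data. The same review question applies to every handler that takes a workspace id plus an object id: does the object id ever reach a query without the workspace filter beside it?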

Preconditions

  • auth: Attacker must be an authenticated user who is a non-guest member of at least one workspace
  • input: Attacker must obtain a themeTemplateId from a victim's workspace (e.g., via shared typebots or network traffic)

Generated on Jun 18, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
