A vulnerability labeled as problematic has been found in baptisteArno typebot.io up to 3.15.x . The affected element is an unknown function of the component RatingButton Component . Such manipulation leads to cross site scripting. This vulnerability is listed as CVE-2026-28445 . The attack may be performed from remote. There is no available exploit. The affected component should be upgraded.