CVE-2024-7990
📋 TL;DR
A stored XSS vulnerability in open-webui version 0.3.8 allows attackers to inject malicious scripts via the model description field. When executed, these scripts can compromise user sessions, steal credentials, or perform unauthorized actions. All users of affected versions are vulnerable, including administrators.
💻 Affected Systems
- open-webui/open-webui
📦 What is this software?
Open Webui by Openwebui
⚠️ Risk & Real-World Impact
Worst Case
Administrator account takeover leading to full system compromise, data exfiltration, and arbitrary code execution on the server.
Likely Case
Session hijacking, credential theft, and unauthorized actions performed by authenticated users.
If Mitigated
Limited to client-side impact if proper input validation and output encoding are implemented.
🎯 Exploit Status
Exploitation requires access to create or modify models via the API endpoint.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version after 0.3.8
Vendor Advisory: https://huntr.com/bounties/2256e336-0f67-449e-a82d-7fc57081a21c
Restart Required: No
Instructions:
1. Update open-webui to the latest version.
2. Verify the fix by checking that model description inputs are properly sanitized.
🔧 Temporary Workarounds
Input Validation Filter
Implement server-side input validation to sanitize HTML/JavaScript in model description fields.
🧯 If You Can't Patch
- Disable or restrict access to the /api/v1/models/add endpoint.
- Implement a web application firewall (WAF) with XSS protection rules.
🔍 How to Verify
Check if Vulnerable:
Test if unsanitized HTML/JavaScript in model description fields executes when rendered in chat.
Check Version:
Check the open-webui version in the application interface or configuration files.
Verify Fix Applied:
Confirm that script tags and JavaScript in model descriptions are properly escaped or removed.
📡 Detection & Monitoring
Log Indicators:
- Unusual model creation/modification requests with script tags or JavaScript payloads.
Network Indicators:
- HTTP POST requests to /api/v1/models/add containing suspicious payloads.
SIEM Query:
source="webui_logs" AND (uri="/api/v1/models/add" AND (payload CONTAINS "<script>" OR payload CONTAINS "javascript:"))
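
The query above matches only the literal strings "<script>" and "javascript:", so case variants, encoded markup and inline event handlers pass unnoticed. The following Python check is an added example, not part of the original advisory or of open-webui's code; it applies the same idea to every string in the request body. The log schema is an assumption: "uri" and "payload" follow the query's field names, while "method", "user" and the nested "meta.description" layout are hypothetical.

```python
import html
import json
import re
from urllib.parse import unquote

MODELS_ADD = "/api/v1/models/add"  # endpoint named in the advisory
# Case-insensitive markup indicators, broader than a literal "<script>" match.
SUSPICIOUS = re.compile(
    r"<\s*/?\s*(script|iframe|svg|object|embed)\b"  # active-content tags
    r"|<[^>]+\son[a-z]+\s*="                         # event handler inside a tag
    r"|javascript\s*:",                              # javascript: URLs
    re.IGNORECASE,
)

def iter_strings(value):
    """Yield every string anywhere inside a decoded JSON value."""
    if isinstance(value, str):
        yield value
    elif isinstance(value, (dict, list)):
        for item in (value.values() if isinstance(value, dict) else value):
            yield from iter_strings(item)

def flag_request(record):
    """Return matched indicators for a POST to the model-add endpoint, else []."""
    path = str(record.get("uri", "")).split("?", 1)[0].rstrip("/")
    if record.get("method") != "POST" or path != MODELS_ADD:
        return []
    raw = record.get("payload") or ""
    try:
        body = json.loads(raw) if isinstance(raw, str) else raw
    except ValueError:
        body = raw  # not JSON: scan the raw text instead
    # Decode URL- and entity-encoding once so encoded markup is still seen.
    found = (SUSPICIOUS.search(html.unescape(unquote(s))) for s in iter_strings(body))
    return [m.group(0).lower() for m in found if m]

# Constructed sample records, one JSON object per line (hypothetical log schema).
def _rec(user, method, uri, body):
    return json.dumps({"user": user, "method": method, "uri": uri, "payload": json.dumps(body)})

SAMPLE_LOG = [
    _rec("u1", "POST", MODELS_ADD, {"meta": {"description": "Summarises tickets"}}),
    _rec("u2", "POST", MODELS_ADD, {"meta": {"description": "<SCRIPT>alert(1)</SCRIPT>"}}),
    _rec("u3", "POST", MODELS_ADD + "/", {"meta": {"description": "<img src=x onerror=alert(1)>"}}),
    _rec("u4", "GET", "/api/v1/models", {}),
]

def scan(lines):
    """Return (user, indicators) for every flagged JSON-lines record."""
    return [(r.get("user"), h) for r in map(json.loads, lines) if (h := flag_request(r))]
```

Calling scan(SAMPLE_LOG) flags the records from u2 and u3, neither of which the literal query would catch. Treat hits as triage leads, since legitimate descriptions that discuss HTML will also match.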