📦 Open Webui
by Openwebui
🔍 What is Open Webui?
Description coming soon...
🛡️ Security Overview
⚠️ Known Vulnerabilities
A cross-site scripting (XSS) vulnerability in open-webui versions up to 0.3.8 allows attackers to inject malicious scripts into tooltips. When exploited, this enables attackers to perform actions with...
This vulnerability allows an attacker with a user-level account to perform a session fixation attack in open-webui/open-webui version 0.3.8. By embedding a malicious markdown image in a chat, an attac...
This stored cross-site scripting (XSS) vulnerability in Open WebUI allows attackers to inject malicious HTML into chat history metadata, which gets executed when users view citations. The payload exec...
This vulnerability allows authenticated remote attackers to execute arbitrary system commands on Open WebUI installations. Attackers can inject malicious commands through the install_frontmatter_requi...
This vulnerability allows authenticated remote attackers to execute arbitrary Python code on Open WebUI installations via command injection in the load_tool_module_by_id function. Attackers can gain c...
An authentication bypass vulnerability in Open-WebUI's /api/config endpoint allows unauthenticated remote attackers to access sensitive system configuration data. This affects all Open-WebUI deploymen...
A stored cross-site scripting (XSS) vulnerability in Open WebUI allows authenticated users to upload malicious Markdown files containing SVG tags that execute JavaScript when victims download notes as...
Open WebUI versions before 0.6.37 contain a Server-Side Request Forgery (SSRF) vulnerability that allows any authenticated user to make the server send HTTP requests to arbitrary internal or external ...
Open WebUI versions 0.6.34 and below contain a DOM-based cross-site scripting (XSS) vulnerability in the custom prompt insertion feature. When 'Insert Prompt as Rich Text' is enabled, malicious users ...
Open WebUI versions 0.6.224 and earlier contain a code injection vulnerability in the Direct Connections feature. Malicious external model servers can execute arbitrary JavaScript in victim browsers, ...
This vulnerability in open-webui v0.3.10 allows unauthenticated attackers to access the PDF generation endpoint, potentially causing denial of service through resource exhaustion or unauthorized PDF g...
This vulnerability in open-webui version 0.3.8 exposes an unauthenticated markdown-to-HTML conversion endpoint. Attackers can send specially crafted markdown payloads that cause excessive server proce...
A stored XSS vulnerability in open-webui version 0.3.8 allows attackers to inject malicious scripts via the model description field. When executed, these scripts can compromise user sessions, steal cr...
This vulnerability allows non-admin users to execute arbitrary code remotely via CSRF attacks in open-webui versions up to 0.3.8. Attackers can craft malicious HTML that modifies Python pipeline code ...
An unauthenticated attacker can cause denial-of-service by submitting excessively large text in the 'name' field during signup, making the Admin panel unresponsive and preventing user management. Auth...
A stored XSS vulnerability in open-webui version 0.3.8 allows attackers to upload malicious files containing JavaScript. When victims access these files through chat URLs, the script executes in their...
CVE-2024-7034 allows attackers to write arbitrary files on systems running vulnerable open-webui versions by exploiting directory traversal in file uploads. This can lead to remote command execution b...
An improper access control vulnerability in Open WebUI v0.3.8 allows unauthenticated attackers to view and delete any files uploaded by users. Attackers can enumerate all files via the GET /api/v1/fil...
This vulnerability allows attackers to write arbitrary files to the server's filesystem by manipulating file paths in the download_model endpoint. It affects open-webui/open-webui version 0.3.8 deploy...
This vulnerability in open-webui/open-webui allows unauthenticated attackers to submit extremely large payloads in email and password fields during sign-in, causing resource exhaustion and Denial of S...
This vulnerability in open-webui version 0.3.32 allows unauthenticated attackers to send large POST requests to the /api/v1/utils/code/format endpoint, causing server resource exhaustion and denial of...
This CVE describes a path traversal vulnerability that allows attackers to upload malicious files to arbitrary locations on the web server's filesystem. Attackers can exploit this to achieve remote co...
Open WebUI transmits credentials in plaintext, allowing network-adjacent attackers to intercept authentication data without authentication. This affects all Open WebUI installations using the vulnerab...
Open WebUI v0.6.33 has an access control vulnerability where the /api/tasks/stop/ endpoint allows any authenticated user to cancel arbitrary LLM response tasks without ownership verification. This aff...
Open WebUI versions before 0.6.6 contain a stored cross-site scripting (XSS) vulnerability where attackers can inject JavaScript into chat messages. When users view these malicious chat transcripts, t...
This vulnerability allows an authenticated admin user to delete other administrators through direct API calls, bypassing UI restrictions. It affects open-webui version v0.3.8 installations where admin...
This CSRF vulnerability in open-webui/open-webui v0.3.8 allows attackers to trick authenticated users into performing sensitive actions like deleting data and resetting configurations by visiting mali...
This vulnerability in open-webui v0.3.8 allows attackers to bypass access controls and view all prompts created by administrators. Attackers can retrieve prompt IDs via the /api/v1/prompts/ endpoint a...
This vulnerability allows users with pending roles to obtain authentication tokens and perform unauthorized actions without admin approval. It affects open-webui installations running version v0.3.8, ...