Filtered by vendor Open-webui
Subscriptions
Filtered by product Open-webui
Subscriptions
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-7044 | 2 Open-webui, Openwebui | 2 Open-webui, Open Webui | 2025-07-29 | 8.9 High |
| A Stored Cross-Site Scripting (XSS) vulnerability exists in the chat file upload functionality of open-webui/open-webui version 0.3.8. An attacker can inject malicious content into a file, which, when accessed by a victim through a URL or shared chat, executes JavaScript in the victim's browser. This can lead to user data theft, session hijacking, malware distribution, and phishing attacks. | ||||
| CVE-2024-8017 | 2 Open-webui, Openwebui | 2 Open-webui, Open Webui | 2025-07-21 | N/A |
| An XSS vulnerability exists in open-webui/open-webui versions <= 0.3.8, specifically in the function that constructs the HTML for tooltips. This vulnerability allows attackers to perform operations with the victim's privileges, such as stealing chat history, deleting chats, and escalating their own account to an admin if the victim is an admin. | ||||
| CVE-2024-7990 | 2 Open-webui, Openwebui | 2 Open-webui, Open Webui | 2025-07-21 | N/A |
| A stored cross-site scripting (XSS) vulnerability exists in open-webui/open-webui version 0.3.8. The vulnerability is present in the `/api/v1/models/add` endpoint, where the model description field is improperly sanitized before being rendered in chat. This allows an attacker to inject malicious scripts that can be executed by any user, including administrators, potentially leading to arbitrary code execution. | ||||
| CVE-2024-7959 | 2 Open-webui, Openwebui | 2 Open-webui, Open Webui | 2025-07-21 | 7.7 High |
| The `/openai/models` endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can change the OpenAI URL to any URL without checks, causing the endpoint to send a request to the specified URL and return the output. This vulnerability allows the attacker to access internal services and potentially gain command execution by accessing instance secrets. | ||||
| CVE-2024-7036 | 2 Open-webui, Openwebui | 2 Open-webui, Open Webui | 2025-07-18 | 7.5 High |
| A vulnerability in open-webui/open-webui v0.3.8 allows an unauthenticated attacker to sign up with excessively large text in the 'name' field, causing the Admin panel to become unresponsive. This prevents administrators from performing essential user management actions such as deleting, editing, or adding users. The vulnerability can also be exploited by authenticated users with low privileges, leading to the same unresponsive state in the Admin panel. | ||||
| CVE-2024-7049 | 2 Open-webui, Openwebui | 2 Open-webui, Open Webui | 2024-10-17 | 5.4 Medium |
| In version v0.3.8 of open-webui/open-webui, a vulnerability exists where a token is returned when a user with a pending role logs in. This allows the user to perform actions without admin confirmation, bypassing the intended approval process. | ||||