Headline
GHSA-5jp3-wp5v-5363: Open WebUI Stored Cross-Site Scripting Vulnerability
Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page.
Open WebUI Stored Cross-Site Scripting Vulnerability
Moderate severity GitHub Reviewed Published Aug 8, 2024 to the GitHub Advisory Database • Updated Aug 8, 2024
Related news
Open WebUI 0.1.105 Persistent Cross Site Scripting
Open WebUI version 0.1.105 suffers from a persistent cross site scripting vulnerability.