DEV Community

CVE Reports
CVE Reports

Posted on • Originally published at cvereports.com

CVE-2025-46571: CVE-2025-46571: Stored Cross-Site Scripting (XSS) in Open WebUI

CVE-2025-46571: Stored Cross-Site Scripting (XSS) in Open WebUI

Vulnerability ID: CVE-2025-46571
CVSS Score: 5.4
Published: 2026-07-07

Open WebUI versions prior to 0.6.6 contain a stored cross-site scripting (XSS) vulnerability that allows low-privileged users to upload malicious HTML files containing arbitrary JavaScript. When viewed by an administrator, the executed script can abuse administrative APIs to register malicious functions, leading to remote code execution on the underlying server host.

TL;DR

A stored XSS vulnerability in Open WebUI allows low-privileged users to achieve remote code execution (RCE) by tricking an administrator into opening an uploaded HTML file, bypassing logical checks to register unauthorized backend functions.


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-79
  • Attack Vector: Network
  • CVSS Score: 5.4 (Medium)
  • EPSS Score: 0.003 (0.30%)
  • Exploit Status: poc
  • CISA KEV Status: Not Listed

Affected Systems

  • Open WebUI
  • open-webui: < 0.6.6 (Fixed in: 0.6.6)

Code Analysis

Commit: ef2aeb7

Attempted authorization fix restricting HTML file serving to admin uploads, introducing a flawed logic check

Exploit Details

Mitigation Strategies

  • Upgrade to Open WebUI version 0.6.6 or later
  • Configure Content Security Policy (CSP) with restrictive sandbox directives
  • Block requests for HTML files at the reverse proxy or WAF level
  • Isolate user-uploaded files on a distinct sandbox origin

Remediation Steps:

  1. Identify all deployed Open WebUI instances and verify their running version.
  2. Apply the official update to version 0.6.6 or later using the deployment container tags.
  3. If immediate patching is not possible, apply a reverse proxy rule to filter requests to '/api/v1/files/*/content/html' containing HTML extensions.
  4. Monitor access logs for unauthorized attempts to access the HTML file content rendering endpoint.

References


Read the full report for CVE-2025-46571 on our website for more details including interactive diagrams and full exploit analysis.

Top comments (0)