CVE-2025-64495
BaseFortify
Publication date: 2025-11-08
Last updated on: 2025-11-26
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openwebui | open_webui | up to 0.6.35 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a DOM-based Cross-Site Scripting (XSS) issue in Open WebUI versions 0.6.34 and below. When the 'Insert Prompt as Rich Text' feature is enabled, the application inserts custom prompts into the chat window through the `.innerHTML` property without sanitizing the input. Any user with permission to create prompts can therefore embed markup containing script that executes when another user triggers the corresponding command to insert that prompt.
How can this vulnerability impact me?
The vulnerability can lead to the execution of malicious scripts in the context of other users, potentially allowing attackers to steal sensitive information, hijack user sessions, or perform actions on behalf of other users. Although the payload only fires after user interaction (inserting the prompt), it can still be used to compromise user data and integrity within the platform.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Open WebUI to version 0.6.35 or later, where the vulnerability is fixed. Additionally, disable the 'Insert Prompt as Rich Text' feature or restrict permissions to create prompts to trusted users only until the upgrade can be applied.
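The following is an added illustration of the insertion pattern described above and of the two defensive measures (encode before building markup, and audit stored prompts); it is constructed example code, not Open WebUI's own, and the prompt text, function names and the regular expressions in the audit check are assumptions for the demo.

```javascript
// Constructed sample of a user-created prompt body that carries markup,
// standing in for content stored by a user holding the "create prompts" permission.
const STORED_PROMPT = 'Summarise this:\n<b onmouseover="alert(1)">hover me</b>';

// Vulnerable pattern named in the advisory: the prompt body is handed to
// innerHTML as-is, so tags and event-handler attributes in it become live DOM
// for whichever user inserts the prompt. The returned string is what would
// be assigned to element.innerHTML.
function renderPromptUnsafe(promptBody) {
  return promptBody.replace(/\n/g, '<br>');
}

// Encode the five characters that matter in HTML text and attribute context.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened equivalent: keep the "rich text" paragraph structure the feature
// offers, but encode the user-supplied text before any markup is built, so
// it can only ever render as text. (Assigning textContent, or running the
// fragment through a sanitizer such as DOMPurify, are the other usual fixes.)
function renderPromptSafe(promptBody) {
  return promptBody
    .split('\n')
    .map((line) => `<p>${escapeHtml(line)}</p>`)
    .join('');
}

// Defender-side audit for prompts already stored in the instance: flag bodies
// containing tags, inline event handlers or javascript: URLs, none of which
// legitimate prompt text needs. Heuristic patterns, assumed for this example.
function promptContainsMarkup(promptBody) {
  return /<\s*[a-z!\/]/i.test(promptBody)
    || /\bon[a-z]+\s*=/i.test(promptBody)
    || /javascript\s*:/i.test(promptBody);
}

console.log('unsafe  :', renderPromptUnsafe(STORED_PROMPT));
console.log('safe    :', renderPromptSafe(STORED_PROMPT));
console.log('flagged :', promptContainsMarkup(STORED_PROMPT));
```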