CVE-2025-65959
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-65959, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-04

Last updated on: 2025-12-10

Assigner: GitHub, Inc.

Description

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Stored XSS vulnerability was discovered in Open-WebUI's Notes PDF download functionality. An attacker can import a Markdown file containing malicious SVG tags into Notes, allowing them to execute arbitrary JavaScript code and steal session tokens when a victim downloads the note as PDF. This vulnerability can be exploited by any authenticated user, and unauthenticated external attackers can steal session tokens from users (both admin and regular users) by sharing specially crafted markdown files. This vulnerability is fixed in 0.6.37.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-04
Last Modified
2025-12-10
Generated
2026-07-06
AI Q&A
2025-12-04
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
openwebui open_webui to 0.6.37 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a Stored Cross-Site Scripting (XSS) issue in Open WebUI's Notes PDF download feature before version 0.6.37. An attacker can import a Markdown file containing malicious SVG tags into the Notes section. When a victim downloads the note as a PDF, the embedded JavaScript executes, allowing the attacker to steal session tokens. Both authenticated and unauthenticated attackers can exploit this by sharing specially crafted markdown files.

Impact Analysis

The vulnerability allows attackers to execute arbitrary JavaScript code in the context of the victim's session, leading to theft of session tokens. This can result in unauthorized access to user accounts, including admin accounts, potentially compromising sensitive data and control over the Open WebUI platform.

Mitigation Strategies

To mitigate this vulnerability, immediately upgrade Open WebUI to version 0.6.37 or later, where the Stored XSS vulnerability in the Notes PDF download functionality is fixed. Additionally, avoid importing untrusted Markdown files containing SVG tags into Notes, and restrict access to authenticated users to reduce risk.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65959. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart