CVE-2025-65959
BaseFortify
Publication date: 2025-12-04
Last updated on: 2025-12-10
Assigner: GitHub, Inc.
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| openwebui | open_webui | up to 0.6.37 (excluding) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Stored Cross-Site Scripting (XSS) issue in the Notes PDF download feature of Open WebUI before version 0.6.37. An attacker imports a Markdown file containing malicious SVG tags into the Notes section. When a victim downloads that note as a PDF, the JavaScript embedded in the SVG executes in the victim's session, allowing the attacker to steal session tokens. Both authenticated and unauthenticated attackers can exploit this by sharing specially crafted Markdown files.
How can this vulnerability impact me?
The vulnerability allows attackers to execute arbitrary JavaScript code in the context of the victim's session, leading to theft of session tokens. This can result in unauthorized access to user accounts, including admin accounts, potentially compromising sensitive data and control over the Open WebUI platform.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately upgrade Open WebUI to version 0.6.37 or later, where the Stored XSS in the Notes PDF download functionality is fixed. Additionally, avoid importing untrusted Markdown files containing SVG tags into Notes, and restrict access to authenticated users to reduce the risk.