CVE-2025-65959
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-04

Last updated on: 2025-12-10

Assigner: GitHub, Inc.

Description
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Stored XSS vulnerability was discovered in Open-WebUI's Notes PDF download functionality. An attacker can import a Markdown file containing malicious SVG tags into Notes, allowing them to execute arbitrary JavaScript code and steal session tokens when a victim downloads the note as PDF. This vulnerability can be exploited by any authenticated user, and unauthenticated external attackers can steal session tokens from users (both admin and regular users) by sharing specially crafted markdown files. This vulnerability is fixed in 0.6.37.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-04
Last Modified
2025-12-10
Generated
2026-06-16
AI Q&A
2025-12-04
EPSS Evaluated
2026-06-15
NVD
CVE-2025-65959
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openwebui open_webui to 0.6.37 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a Stored Cross-Site Scripting (XSS) issue in Open WebUI's Notes PDF download feature before version 0.6.37. An attacker can import a Markdown file containing malicious SVG tags into the Notes section. When a victim downloads the note as a PDF, the embedded JavaScript executes, allowing the attacker to steal session tokens. Both authenticated and unauthenticated attackers can exploit this by sharing specially crafted markdown files.

Impact Analysis

The vulnerability allows attackers to execute arbitrary JavaScript code in the context of the victim's session, leading to theft of session tokens. This can result in unauthorized access to user accounts, including admin accounts, potentially compromising sensitive data and control over the Open WebUI platform.

Mitigation Strategies

To mitigate this vulnerability, immediately upgrade Open WebUI to version 0.6.37 or later, where the Stored XSS vulnerability in the Notes PDF download functionality is fixed. Additionally, avoid importing untrusted Markdown files containing SVG tags into Notes, and restrict access to authenticated users to reduce risk.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65959. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart