CVE-2026-56398
Received Received - Intake

Stored XSS in Open WebUI OAuth Profile Images

Vulnerability report for CVE-2026-56398, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-15

Last updated on: 2026-07-15

Assigner: VulnCheck

Description

Open WebUI before 0.9.5 contains a stored cross-site scripting vulnerability in the OAuth authentication flow where the picture claim URL MIME type is inferred from file extension rather than Content-Type header, allowing SVG files to bypass the profile image validator and be stored as data URIs. Authenticated users who visit the profile image endpoint receive attacker-controlled SVG content with inline disposition and no default security headers, enabling script execution in the same origin to steal authentication tokens and achieve account takeover.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-15
Last Modified
2026-07-15
Generated
2026-07-15
AI Q&A
2026-07-15
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
open_webui open_webui to 0.9.5 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This is a stored cross-site scripting (XSS) vulnerability in Open WebUI versions before 0.9.5. It occurs during OAuth authentication when the application infers the MIME type of a profile picture URL from its file extension instead of the Content-Type header. This allows attackers to upload malicious SVG files that bypass security checks and are stored as data URIs in user profiles. When other users access these profiles, the SVG executes JavaScript in their browser, enabling token theft and account takeover.

Impact Analysis

If you use Open WebUI with OAuth login enabled, an attacker could steal your authentication token by tricking you into viewing a malicious profile picture. This could lead to unauthorized access to your account, data theft, or further attacks within the application. The attack requires the attacker to have a valid account on your identity provider.

Compliance Impact

This vulnerability could lead to unauthorized access to sensitive user data, violating confidentiality requirements in GDPR and HIPAA. If exploited, it may result in data breaches that require regulatory reporting and potential fines for non-compliance with security controls.

Detection Guidance

To detect this vulnerability, inspect Open WebUI instances running versions 0.9.4 or earlier. Check for unauthorized SVG files stored as data URIs in user profiles. Review OAuth picture claim URLs for unexpected file extensions or external domains. Monitor network traffic for SSRF attempts if the picture claim URL points to internal services.

Mitigation Strategies

Upgrade Open WebUI to version 0.9.5 or later. Enforce MIME type whitelisting for profile images. Apply the profile image validator at the database write layer. Add an SSRF allowlist for picture claim URLs. Set security headers like X-Content-Type-Options: nosniff and a default CSP.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-56398. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart