MEDIUM 6.1

GHSA-5jp3-wp5v-5363

Open WebUI Stored Cross-Site Scripting Vulnerability

상세

Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page.

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

최초 영향 버전: 0

No fixed version published yet for open-webui (pip). Pin to a known-safe version or switch to an alternative.