VYPR
Moderate severity · NVD Advisory · Published Mar 20, 2025 · Updated Mar 20, 2025

Stored XSS in open-webui/open-webui

CVE-2024-7044

Description

A Stored Cross-Site Scripting (XSS) vulnerability exists in the chat file upload functionality of open-webui/open-webui version 0.3.8. An attacker can inject malicious content into a file, which, when accessed by a victim through a URL or shared chat, executes JavaScript in the victim's browser. This can lead to user data theft, session hijacking, malware distribution, and phishing attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Stored XSS in open-webui/open-webui v0.3.8 via malicious file upload in chat, enabling session hijacking and data theft.

Vulnerability

A Stored Cross-Site Scripting (XSS) vulnerability exists in the chat file upload functionality of open-webui/open-webui version 0.3.8 [2]. The root cause is insufficient sanitization of file content, allowing an attacker to inject malicious JavaScript into a file that is later served to other users [2].

Exploitation

An attacker can upload a file containing malicious script through the chat interface. When a victim accesses the file via a shared URL or within a chat conversation, the injected JavaScript executes in the victim's browser [2]. No special privileges are required beyond the ability to upload files, making this a low-barrier attack vector.

Impact

Successful exploitation can lead to user data theft, session hijacking, malware distribution, and phishing attacks [2]. Because the XSS is stored, the malicious payload persists and can affect multiple victims over time.

Mitigation

As of the publication date, version 0.3.8 is confirmed vulnerable. Users should update to a patched version if available, and administrators may consider restricting file upload capabilities or applying input validation as a workaround [1].
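One way to apply the "input validation" workaround at the point where uploaded chat files are served back to other users, as an added example that is not open-webui's own code: the helper below assumes the application has stored each upload's original filename, client-declared Content-Type and bytes, and returns response headers that force anything capable of carrying script to download and sandbox whatever is shown inline, so a stored file never executes in the application's origin.

```python
"""Serve uploaded chat files so that embedded markup can never execute.

Added example, not open-webui's own code. Assumes the web layer stores the
original filename, the client-declared Content-Type and the file bytes, and
lets us choose the response headers when another user later fetches the file.
"""
from __future__ import annotations
import os
import re

# Types allowed to render inline; anything that can carry script (HTML, SVG,
# XML, PDF) is deliberately absent and will be forced to download instead.
INLINE_SAFE_TYPES = {"image/png", "image/jpeg", "image/gif", "image/webp", "text/plain"}


def looks_like_markup(content: bytes) -> bool:
    """Cheap sniff for HTML/SVG-style content hiding behind a benign declared type."""
    head = content[:1024].lstrip(b"\xef\xbb\xbf").lstrip().lower()
    return head.startswith(b"<") or any(
        tag in head for tag in (b"<script", b"<svg", b"<html", b"<!doctype"))


def sanitize_filename(name: str) -> str:
    """Keep only the base name, restricted to a conservative character set."""
    base = os.path.basename(name.replace("\\", "/"))
    base = re.sub(r"[^A-Za-z0-9._-]", "_", base).lstrip(".")[:100]
    return base or "download"


def secure_file_headers(filename: str, declared_type: str, content: bytes) -> dict[str, str]:
    """Headers for serving one stored upload back to a browser."""
    ctype = declared_type.lower().split(";")[0].strip()
    if ctype in INLINE_SAFE_TYPES and not looks_like_markup(content):
        disposition = "inline"
    else:
        ctype = "application/octet-stream"   # never let the browser interpret it
        disposition = "attachment"
    return {
        "Content-Type": ctype,
        "X-Content-Type-Options": "nosniff",  # stop MIME sniffing into text/html
        "Content-Disposition": f'{disposition}; filename="{sanitize_filename(filename)}"',
        "Content-Security-Policy": "default-src 'none'; sandbox",  # no script even if rendered
        "Cache-Control": "no-store",
    }


if __name__ == "__main__":
    # Constructed sample inputs: a harmless text note and an HTML upload.
    print(secure_file_headers("notes.txt", "text/plain", b"meeting notes"))
    print(secure_file_headers("page.html", "text/html", b"<!doctype html><script>void 0</script>"))
```

Serving uploads from a separate origin (a dedicated files domain) adds a further layer beyond these headers, since even a rendered file then cannot reach the application's cookies or DOM.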

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: open-webui (PyPI)
Affected versions: <= 0.3.8
Patched versions: none listed


Patches

No patches discovered yet.


