VYPR
← All advisories
High severityNVD Advisory· Published Mar 20, 2025· Updated Mar 20, 2025

Session Fixation in open-webui/open-webui

CVE-2024-7053

Description

A vulnerability in open-webui/open-webui version 0.3.8 allows an attacker with a user-level account to perform a session fixation attack. The session cookie for all users is set with the default SameSite=Lax and does not have the Secure flag enabled, allowing the session cookie to be sent over HTTP to a cross-origin domain. An attacker can exploit this by embedding a malicious markdown image in a chat, which, when viewed by an administrator, sends the admin's session cookie to the attacker's server. This can lead to a stealthy administrator account takeover, potentially resulting in remote code execution (RCE) due to the elevated privileges of administrator accounts.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CVE-2024-7053: Session fixation in open-webui 0.3.8 via malicious markdown image allows admin account takeover and potential RCE.

Vulnerability

Overview

CVE-2024-7053 describes a session fixation vulnerability in open-webui version 0.3.8 [2]. The root cause is that the application sets session cookies with SameSite=Lax and without the Secure flag. This configuration allows session cookies to be sent over HTTP to a cross-origin domain, enabling a session fixation attack [2].

Attack

Vector

An attacker with a standard user-level account can exploit this by embedding a crafted markdown image in a chat message [2]. When an administrator views the message, the image request triggers the transmission of the administrator's session cookie to an attacker-controlled server [2]. The attack requires no special privileges beyond a basic user account, making it widely exploitable within the platform.

Impact

Successful exploitation leads to a stealthy administrator account takeover [2]. By hijacking the admin's session, the attacker gains elevated privileges, which could be chained to achieve remote code execution (RCE) [2]. The official description highlights that the impact is significant due to the high level of access associated with administrator accounts.

Mitigation

The vulnerability affects open-webui version 0.3.8 [2]. The vendor has been notified, and users should update to a patched version as soon as it becomes available. No workaround is described, but administrators should monitor for unexpected session behavior until a fix is applied [1][3].

References
  1. GitHub - open-webui/open-webui: User-friendly AI Interface (Supports Ollama, OpenAI API, ...)
  2. NVD - CVE-2024-7053
  3. The world’s first bug bounty platform for AI/ML

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
open-webuiPyPI
<= 0.3.8

Affected products

3

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.