Vulnerabilities > Openwebui

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-07	CVE-2024-6706	Cross-site Scripting vulnerability in Openwebui Open Webui 0.1.105 Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page. network low complexity openwebui CWE-79	6.1
2024-08-07	CVE-2024-6707	Path Traversal vulnerability in Openwebui Open Webui 0.1.105 Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability. network low complexity openwebui CWE-22	8.8

Vulnerabilities > Openwebui {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Openwebui"}]}