CVE-2024-7990
published 2025-03-20CVE-2024-7990: A stored cross-site scripting (XSS) vulnerability exists in open-webui/open-webui version 0.3.8. The vulnerability is present in the `/api/v1/models/add`…
PriorityP339high8.4CVSS 3.0
AVNACLPRHUIRSCCHIHAH
EPSS
0.89%
54.8th percentile
A stored cross-site scripting (XSS) vulnerability exists in open-webui/open-webui version 0.3.8. The vulnerability is present in the `/api/v1/models/add` endpoint, where the model description field is improperly sanitized before being rendered in chat. This allows an attacker to inject malicious scripts that can be executed by any user, including administrators, potentially leading to arbitrary code execution.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| open-webui | open-webui | >= 0 < 0.9.0 | 0.9.0 |
| open-webui | open-webui | >= 0 < 0.9.0 | 0.9.0 |
| open-webui | open-webui | 0 – 0.3.8 | — |
| open-webui | open-webui_open-webui | unspecified – latest | — |
| openwebui | open_webui | — | — |
CVSS provenance
nvdv3.08.4HIGHCVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
ghsa8.4HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
open-webui Vulnerable to Stored XSS via Model Description
ghsa·2026-05-08·CVSS 8.4
CVE-2026-44721 [HIGH] CWE-79 open-webui Vulnerable to Stored XSS via Model Description
open-webui Vulnerable to Stored XSS via Model Description
> [!IMPORTANT]
> Relationship to CVE-2024-7990
> CVE-2024-7990 (issued by huntr.dev, March 2025) describes a stored XSS in the same field — the model description — but exploits a different bypass mechanism: a second-order injection through the sanitizeResponseContent function's video-tag placeholder restoration logic in v0.3.x. That bypass was closed in v0.4.0 by removing the video exemption from the sanitizer.
The vulnerability described in this advisory is structurally distinct: a markdown-link payload with a javascript: URI passes through sanitizeResponseContent unchanged (no angle brackets), is then parsed by marked.parse() into an `` element, and rendered live by `{@html}`. This is a pipeline-ordering flaw where the dangerou
OSV
Open WebUI stored cross-site scripting (XSS) vulnerability
osv·2025-03-20
CVE-2024-7990 [HIGH] Open WebUI stored cross-site scripting (XSS) vulnerability
Open WebUI stored cross-site scripting (XSS) vulnerability
A stored cross-site scripting (XSS) vulnerability exists in open-webui/open-webui version 0.3.8. The vulnerability is present in the `/api/v1/models/add` endpoint, where the model description field is improperly sanitized before being rendered in chat. This allows an attacker to inject malicious scripts that can be executed by any user, including administrators, potentially leading to arbitrary code execution.
GHSA
Open WebUI stored cross-site scripting (XSS) vulnerability
ghsa·2025-03-20
CVE-2024-7990 [HIGH] CWE-79 Open WebUI stored cross-site scripting (XSS) vulnerability
Open WebUI stored cross-site scripting (XSS) vulnerability
A stored cross-site scripting (XSS) vulnerability exists in open-webui/open-webui version 0.3.8. The vulnerability is present in the `/api/v1/models/add` endpoint, where the model description field is improperly sanitized before being rendered in chat. This allows an attacker to inject malicious scripts that can be executed by any user, including administrators, potentially leading to arbitrary code execution.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-03-20
Published