Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page.
[
{
"defaultStatus": "unaffected",
"product": "Open WebUI",
"repo": "https://github.com/open-webui/open-webui",
"vendor": "Open WebUI",
"versions": [
{
"status": "affected",
"version": "0.1.105"
}
]
}
]