Open WebUI Vulnerable to Stored DOM XSS via Note 'Download PDF'

Summary A Stored XSS vulnerability has been discovered in Open-WebUI's Notes PDF download functionality. An attacker can import a Markdown file containing malicious SVG tags into Notes, allowing them to execute arbitrary JavaScript code and steal session tokens when a victim downloads the note as...

EUVD-2025-201263

Open WebUI Vulnerable to Stored DOM XSS via Note 'Download PDF'...

CVE-2025-65959

CVE-2025-65959 concerns a stored XSS in Open WebUI’s Notes PDF download feature. The vulnerability arises when HTML content from a Markdown note is assigned directly to innerHTML during PDF generation, enabling arbitrary JavaScript execution (e.g., SVG-based payloads) and session-token theft. Exp...

PT-2025-49146

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.6.37 Description Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. A Stored Cross-Site Scripting XSS issue was identified in the Notes PDF download functionality. ...