Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/06/17 2:14 p.m.10 views

Open WebUI: Stored XSS in Mermaid Markdown Preview

Summary Open WebUI renders Mermaid blocks from Markdown files in the file preview panel and inserts the generated SVG into the DOM using innerHTML. Because Mermaid is configured with securityLevel: 'loose', attacker-controlled Mermaid content can be rendered unsafely in this flow. A working paylo...

8.7CVSS5.6AI score0.002EPSS
Exploits1References2Affected Software1
Snyk
Snyk
added 2026/06/17 2:14 p.m.3 views

Cross-site Scripting (XSS)

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Cross-site Scripting XSS in the Markdown file preview process when rendering Mermaid blocks with a permissive security configuration. An attacker can execute arbitrary JavaScript in the context of the victim'...

8.7CVSS5.9AI score0.002EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/02/14 1:28 a.m.8 views

CVE-2025-9292

A permissive web security configuration may allow cross-origin restrictions enforced by modern browsers to be bypassed under specific circumstances. Exploitation requires the presence of an existing client-side injection vulnerability and user access to the affected web interface. Successful...

2CVSS5.6AI score0.00342EPSS
Exploits0References1
OSV
OSV
added 2020/11/12 6:15 p.m.4 views

CVE-2020-13770

Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having...

7.8CVSS7.1AI score0.0046EPSS
Exploits0References1
Rows per page
Query Builder