3 matches found
CVE-2024-8053
In version v0.3.10 of open-webui/open-webui, the api/v1/utils/pdf endpoint lacks authentication mechanisms, allowing unauthenticated attackers to access the PDF generation service. This vulnerability can be exploited by sending a POST request with an excessively large payload, potentially leading...
CVE-2024-8053
Open WebUI vulnerability CVE-2024-8053 affects open-webui/open-webui v0.3.10 where the api/v1/utils/pdf endpoint lacks authentication, allowing unauthenticated access to the PDF generation service. Exploitation can involve sending a POST with an excessively large payload, potentially exhausting s...
CVE-2024-8053 Improper Authentication in open-webui/open-webui
In version v0.3.10 of open-webui/open-webui, the api/v1/utils/pdf endpoint lacks authentication mechanisms, allowing unauthenticated attackers to access the PDF generation service. This vulnerability can be exploited by sending a POST request with an excessively large payload, potentially leading...