5107 matches found
CVE-2026-26193
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.44, aanually modifying chat history allows setting the embeds property on a response message, the content of which is loaded into an iFrame with a sandbox that has allow-scripts...
CVE-2026-25453
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mdempfle Advanced iFrame advanced-iframe allows DOM-Based XSS.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-25412
Missing Authorization vulnerability in mdempfle Advanced iFrame advanced-iframe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced iFrame: from n/a through = 2025.10...
CVE-2026-26193
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.44, aanually modifying chat history allows setting the embeds property on a response message, the content of which is loaded into an iFrame with a sandbox that has allow-scripts...
CVE-2026-26192
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.7.0, aanually modifying chat history allows setting the html property within document metadata. This causes the frontend to enter a code path that treats document contents as HTML...
CVE-2026-26193 Open WebUI vulnerable to Stored XSS via iFrame embeds in response messages
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.44, aanually modifying chat history allows setting the embeds property on a response message, the content of which is loaded into an iFrame with a sandbox that has allow-scripts...
CVE-2026-26193 Open WebUI vulnerable to Stored XSS via iFrame embeds in response messages
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.6.44, aanually modifying chat history allows setting the embeds property on a response message, the content of which is loaded into an iFrame with a sandbox that has allow-scripts...
CVE-2026-26193
Open WebUI (self-hosted, offline) is affected prior to v0.6.44. The vulnerability arises from allowing manual modification of chat history to set the embeds property on a response message, which is loaded into an iframe with an aggressive sandbox (allow-scripts and allow-same-origin) that bypasse...
CVE-2026-26192
Open WebUI (self-hosted offline) before v0.7.0 allows stored XSS via a crafted document payload by modifying chat history to set html in document metadata; the frontend treats contents as HTML and renders in an iframe during citation preview or shared chat view. Version 0.7.0 fixes the issue. No ...
CVE-2026-26192 Open WebUI vulnerable to Stored XSS via iFrame in citations model
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.7.0, aanually modifying chat history allows setting the html property within document metadata. This causes the frontend to enter a code path that treats document contents as HTML...
CVE-2026-26192 Open WebUI vulnerable to Stored XSS via iFrame in citations model
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.7.0, aanually modifying chat history allows setting the html property within document metadata. This causes the frontend to enter a code path that treats document contents as HTML...
CVE-2026-26192 Open WebUI vulnerable to Stored XSS via iFrame in citations model
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.7.0, aanually modifying chat history allows setting the html property within document metadata. This causes the frontend to enter a code path that treats document contents as HTML...
CVE-2026-26223
SPIP before 4.4.8 allows cross-site scripting XSS in the private area via malicious iframe tags. The application does not properly sandbox or escape iframe content in the back-office, allowing an attacker to inject and execute malicious scripts. The fix adds a sandbox attribute to iframe tags in...
CVE-2026-26223
SPIP before 4.4.8 allows cross-site scripting XSS in the private area via malicious iframe tags. The application does not properly sandbox or escape iframe content in the back-office, allowing an attacker to inject and execute malicious scripts. The fix adds a sandbox attribute to iframe tags in...
UBUNTU-CVE-2026-26223
SPIP before 4.4.8 allows cross-site scripting XSS in the private area via malicious iframe tags. The application does not properly sandbox or escape iframe content in the back-office, allowing an attacker to inject and execute malicious scripts. The fix adds a sandbox attribute to iframe tags in...
CVE-2026-26223
SPIP before 4.4.8 allows cross-site scripting XSS in the private area via malicious iframe tags. The application does not properly sandbox or escape iframe content in the back-office, allowing an attacker to inject and execute malicious scripts. The fix adds a sandbox attribute to iframe tags in...
CVE-2026-26223 SPIP < 4.4.8 Cross-Site Scripting via Iframe Tags in Private Area
SPIP before 4.4.8 allows cross-site scripting XSS in the private area via malicious iframe tags. The application does not properly sandbox or escape iframe content in the back-office, allowing an attacker to inject and execute malicious scripts. The fix adds a sandbox attribute to iframe tags in...
CVE-2026-26223
SPIP before 4.4.8 is vulnerable to Cross-Site Scripting in the private area via malicious iframe tags. The root cause is iframe content not properly sandboxed or escaped in the back-office. SPIP 4.4.8 fixes this by adding a sandbox attribute to iframe tags in the private area; the issue is not mi...
CVE-2026-26223 SPIP < 4.4.8 Cross-Site Scripting via Iframe Tags in Private Area
SPIP before 4.4.8 allows cross-site scripting XSS in the private area via malicious iframe tags. The application does not properly sandbox or escape iframe content in the back-office, allowing an attacker to inject and execute malicious scripts. The fix adds a sandbox attribute to iframe tags in...
CVE-2025-71245
SPIP