Cross-site Scripting (XSS)
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Cross-site Scripting XSS through the /api/v1/models/add endpoint. An attacker can execute arbitrary scripts that affect other users, including administrators, by injecting malicious scripts into the model...