PT-2025-12183
Name of the Vulnerable Software and Affected Versions open-webui/open-webui version 0.3.8 Description A vulnerability allows an attacker with a user-level account to perform a session fixation attack. The session cookie for all users is set with the default SameSite=Lax and does not have the Secu...