AI Score
Confidence
High
EPSS
Percentile
31.4%
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
total
Attacker controlled files can be uploaded to arbitrary locations on the web server’s filesystem by abusing a path traversal vulnerability.
[
{
"repo": "https://github.com/open-webui/open-webui",
"vendor": "Open WebUI",
"product": "Open WebUI",
"versions": [
{
"status": "affected",
"version": "0.1.105"
}
],
"defaultStatus": "unaffected"
}
]
[
{
"cpes": [
"cpe:2.3:a:openwebui:open_webui:0.1.105:*:*:*:*:*:*:*"
],
"vendor": "openwebui",
"product": "open_webui",
"versions": [
{
"status": "affected",
"version": "0.1.105"
}
],
"defaultStatus": "unknown"
}
]