PT-2026-41164 · Unknown · Open-Webui
Published 2026-05-14 · Updated 2026-05-16 · CVE-2026-45303
CVSS v3.1: 7.7 (High)
Vector: AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.6.5
Description: Scripts can be injected and executed through the HTML rendering view. The frontend includes a function that visualizes the HTML content of a chat by embedding it in an iframe. However, the iframe's sandbox directive grants the allow-scripts, allow-forms, and allow-same-origin permissions, which lets the embedded content execute scripts and access parent data such as local storage, effectively nullifying the sandbox protections. This can lead to a Self-XSS attack, or be leveraged against other users if an attacker tricks a user into entering specific input, uses the Chat Share function to clone a chat, embeds instructions in uploaded files, or imports conversations via settings.
Recommendations: Update to version 0.6.5.
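The following is an added example (not Open WebUI code) showing how a renderer can audit an iframe sandbox value for the allow-scripts plus allow-same-origin combination described above and emit a hardened frame instead; it assumes the HTML is passed via srcdoc, which the advisory does not state.

```javascript
// Added example, not Open WebUI code: audit an <iframe sandbox="..."> value for
// the permission combination named in the advisory and derive a safe one.
const PARENT_ACCESS_COMBO = ["allow-scripts", "allow-same-origin"];

// sandbox is an unordered set of ASCII case-insensitive, whitespace-separated tokens
function parseSandbox(value) {
  return new Set(String(value).trim().toLowerCase().split(/\s+/).filter(Boolean));
}

// With allow-scripts and allow-same-origin together, script in the frame runs
// under the embedding document's origin (srcdoc content inherits it), so it can
// read the parent's localStorage and DOM, and can even strip the sandbox
// attribute from its own frame and reload. That is the "nullified sandbox".
function auditSandbox(value) {
  const tokens = parseSandbox(value);
  const findings = [];
  if (PARENT_ACCESS_COMBO.every((t) => tokens.has(t))) {
    findings.push(
      "allow-scripts + allow-same-origin: framed script inherits the parent origin"
    );
  }
  return { tokens: [...tokens].sort(), findings, safe: findings.length === 0 };
}

// Hardened value: keep script execution (the preview needs it) but drop the
// token that lets that script reach the parent document.
function hardenSandbox(value) {
  const tokens = parseSandbox(value);
  if (tokens.has("allow-scripts")) tokens.delete("allow-same-origin");
  return [...tokens].sort().join(" ");
}

// Attribute-escape untrusted HTML for srcdoc so it cannot terminate the
// attribute and inject markup into the parent page itself.
function escapeAttr(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Markup the renderer should emit for chat-supplied HTML. The sandbox value is
// audited first, so a regression to the vulnerable combination fails loudly.
function iframeMarkup(untrustedHtml, sandbox = "allow-scripts allow-forms") {
  const audit = auditSandbox(sandbox);
  if (!audit.safe) throw new Error("refusing unsafe sandbox: " + audit.findings.join("; "));
  return `<iframe sandbox="${sandbox}" srcdoc="${escapeAttr(untrustedHtml)}"></iframe>`;
}
```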

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2026-45303
GHSA-4VRC-M9CH-6M3R

Affected Products

Open-Webui