PT-2026-41167 · Unknown · Open-Webui
Published: 2026-05-09 · Updated: 2026-05-16 · CVE-2026-45314
CVSS v4.0: 7.4 (High)
Vector: AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.9.3

Description: The channel webhook create and update flow accepts arbitrary profile image url values, including base64-encoded SVG payloads. The endpoint '/api/v1/channels/webhooks/{webhook id}/profile/image' decodes these values and serves them as 'image/svg+xml' without sanitization. Because the browser renders the SVG in the application origin, attacker-controlled event handlers such as onload execute when the URL is opened, resulting in stored Cross-Site Scripting (XSS). This can lead to exfiltration of session tokens or API keys and to unauthorized actions performed on behalf of the victim.

Recommendations: Update to version 0.9.3. As a temporary workaround, restrict access to the '/api/v1/channels/webhooks/{webhook id}/profile/image' endpoint, or avoid using the profile image url parameter in webhook configurations until the update is applied.

Related Identifiers

BDU:2026-07203
CVE-2026-45314
GHSA-3856-3VXQ-M6FC

Affected Products

Open-Webui