open-webui/open-webui
cpe:2.3:a:openwebui:open_webui:*:*:*:*:*:*:*
- v0.3.8
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in Open-WebUI version 0.3.8. Sensitive actions, such as deleting and resetting data, are triggered by plain GET requests. Because the browser attaches the user's session cookie to any GET it makes, an attacker can have a logged-in user perform these actions unintentionally, simply by getting them to visit a malicious site or follow a link (top-level navigation). The vulnerable endpoints include /rag/api/v1/reset, /rag/api/v1/reset/db, /api/v1/memories/reset, and /rag/api/v1/reset/uploads. This vulnerability affects the application's availability and integrity.
Exploitation of this vulnerability allows for Cross-Site Request Forgery attacks, where an unaware user can be manipulated into performing sensitive actions, such as deleting or resetting data, thereby compromising the application's integrity and availability.
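The following illustration is added here and is not Open-WebUI's code. It models the flaw the advisory describes (a destructive action bound to a cookie-authenticated GET) beside a hardened dispatcher that accepts only POST, checks fetch-metadata/Origin, and requires a CSRF token, and it adds a small access-log check a defender can run for GET hits on the reset paths. The endpoint paths come from the advisory; the handler logic, the trusted origin, the token, and the log lines are constructed assumptions.

```python
"""CSRF via state-changing GET: vulnerable vs. hardened dispatch, plus a log check.
Added example; none of this is Open-WebUI's own code."""
import re
from dataclasses import dataclass, field

# Paths named in the advisory; everything else here is hypothetical.
RESET_PATHS = {
    "/rag/api/v1/reset",
    "/rag/api/v1/reset/db",
    "/api/v1/memories/reset",
    "/rag/api/v1/reset/uploads",
}
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}
TRUSTED_ORIGIN = "https://webui.example.test"  # assumed deployment origin


@dataclass
class Request:
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    cookies: dict = field(default_factory=dict)


def vulnerable_dispatch(req, state):
    """The advisory's pattern: any cookie-bearing request, including a GET issued by
    a top-level navigation from another site, wipes the data."""
    if req.path in RESET_PATHS and "session" in req.cookies:
        state.clear()
        return 200
    return 404


def is_cross_site(req):
    """Treat a request as cross-site unless the browser proves otherwise."""
    site = req.headers.get("Sec-Fetch-Site")
    if site is not None:
        # 'none' = user-typed URL or bookmark, which is not attacker-initiated
        return site not in ("same-origin", "none")
    origin = req.headers.get("Origin") or req.headers.get("Referer")
    if origin is None:
        return True  # fail closed when no provenance header is present
    return not origin.startswith(TRUSTED_ORIGIN)


def hardened_dispatch(req, state, csrf_token):
    """Only POST may mutate; cross-site requests and missing tokens are rejected."""
    if req.path not in RESET_PATHS:
        return 404
    if req.method in SAFE_METHODS:
        return 405  # safe methods never change state
    if "session" not in req.cookies:
        return 401
    if is_cross_site(req):
        return 403
    if req.headers.get("X-CSRF-Token") != csrf_token:
        return 403
    state.clear()
    return 200


def demo():
    """Run both dispatchers against the same scenarios; returns (status, items_left)."""
    token = "csrf-demo-token"        # constructed
    cookie = {"session": "sid-123"}  # constructed
    nav = Request("GET", "/rag/api/v1/reset/db", {"Sec-Fetch-Site": "cross-site"}, cookie)
    cross_post = Request("POST", "/rag/api/v1/reset/db", {"Sec-Fetch-Site": "cross-site"}, cookie)
    same_post = Request("POST", "/rag/api/v1/reset/db",
                        {"Sec-Fetch-Site": "same-origin", "X-CSRF-Token": token}, cookie)
    out = {}
    state = {"docs": 3}
    out["vulnerable_get"] = (vulnerable_dispatch(nav, state), len(state))
    state = {"docs": 3}
    out["hardened_get"] = (hardened_dispatch(nav, state, token), len(state))
    state = {"docs": 3}
    out["hardened_cross_post"] = (hardened_dispatch(cross_post, state, token), len(state))
    state = {"docs": 3}
    out["hardened_same_post"] = (hardened_dispatch(same_post, state, token), len(state))
    return out


# Constructed combined-format access log lines for the detection check.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /rag/api/v1/reset/db HTTP/1.1" 200 12 "https://other-site.example/" "Mozilla/5.0"
203.0.113.6 - - [01/Jan/2024:10:00:01 +0000] "GET /api/v1/models HTTP/1.1" 200 512 "https://webui.example.test/" "Mozilla/5.0"
203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "GET /api/v1/memories/reset HTTP/1.1" 200 12 "-" "Mozilla/5.0"
"""
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ "(?P<referer>[^"]*)"')


def find_suspicious(log_text):
    """Successful GETs to a reset path whose referer is absent or not our origin."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m or m["method"] != "GET" or m["path"] not in RESET_PATHS:
            continue
        if m["status"] == "200" and not m["referer"].startswith(TRUSTED_ORIGIN):
            hits.append((m["path"], m["referer"]))
    return hits


if __name__ == "__main__":
    print(demo())
    print(find_suspicious(SAMPLE_LOG))
```

The `405` on GET is the essential fix: once no safe method can change state, a link or navigation cannot trigger a reset. The fetch-metadata and token checks close the remaining cross-site POST vector, and the log check gives a defender a retrospective signal while the upgrade is rolled out.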