Open WebUI Stored Cross-Site Scripting Vulnerability in Notes PDF Download Functionality

Vulnerability

A stored cross-site scripting vulnerability has been identified in Open WebUI versions prior to 0.6.37, specifically in the Notes PDF download feature. The issue allows an authenticated user to execute arbitrary JavaScript by importing a Markdown file containing malicious SVG tags. When the crafted note is downloaded as a PDF, the embedded script runs in the downloading user's browser and can steal that user's session token. Unauthenticated external attackers can exploit this by distributing such Markdown files to victims, targeting both admin and regular users.

Impact

Exploitation of this vulnerability results in stored cross-site scripting: the injected script executes in the context of the user who downloads the PDF, enabling theft of that user's session token, which can then be used to impersonate them.

Reproduction

To reproduce this vulnerability, upload a Markdown file containing malicious SVG tags into the Notes feature of Open WebUI version 0.6.36 or earlier. After the note is created, download it as a PDF. The injected JavaScript executes, demonstrating the stored cross-site scripting vulnerability.

Remediation

Update to Open WebUI version 0.6.37 or later, where this vulnerability has been fixed.
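One mitigation for the note-to-PDF path described above, as an added example that is not Open WebUI's own code: an allow-list sanitizer (Python standard library only) run over the HTML rendered from a note before it is handed to the PDF generator. It drops inline SVG and script subtrees, every on* event-handler attribute and javascript: or data: URLs. The tag allow-list and the sample inputs are assumptions chosen for illustration.

```python
from html import escape
from html.parser import HTMLParser

# Allow-list for the HTML that becomes the PDF; inline SVG is deliberately absent.
ALLOWED_TAGS = {"p", "br", "strong", "em", "code", "pre", "ul", "ol", "li",
                "h1", "h2", "h3", "a", "img", "blockquote"}
ALLOWED_ATTRS = {"a": {"href", "title"}, "img": {"src", "alt"}}
DROP_WITH_CONTENT = {"svg", "script", "style", "iframe", "object", "embed", "math"}
VOID = {"br", "img"}
SAFE_URL_PREFIXES = ("http://", "https://", "/", "#", "mailto:")
class PdfHtmlSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.drop_depth = 0  # > 0 while inside an element from DROP_WITH_CONTENT
    def handle_starttag(self, tag, attrs):
        if self.drop_depth:
            if tag not in VOID:
                self.drop_depth += 1  # nested element inside a dropped subtree
            return
        if tag in DROP_WITH_CONTENT:
            self.drop_depth = 1  # drop the element and everything inside it
            return
        if tag not in ALLOWED_TAGS:
            return  # unknown tag: strip the tag itself but keep its text
        kept = []
        for name, value in attrs:  # html.parser already lowercases attribute names
            if name.startswith("on") or name not in ALLOWED_ATTRS.get(tag, ()):
                continue  # every on* handler and every unlisted attribute is dropped
            if name in ("href", "src") and not (value or "").strip().lower().startswith(SAFE_URL_PREFIXES):
                continue  # rejects javascript: and data: URLs
            kept.append(f' {name}="{escape(value or "")}"')
        self.out.append(f"<{tag}{''.join(kept)}>")
    def handle_startendtag(self, tag, attrs):
        if not self.drop_depth and tag not in DROP_WITH_CONTENT:
            self.handle_starttag(tag, attrs)  # a self-closing <svg/> has no subtree
    def handle_endtag(self, tag):
        if self.drop_depth:
            self.drop_depth -= 1
        elif tag in ALLOWED_TAGS and tag not in VOID:
            self.out.append(f"</{tag}>")
    def handle_data(self, data):
        if not self.drop_depth:
            self.out.append(escape(data))

def sanitize_for_pdf(rendered_html: str) -> str:
    # Constructed usage: feed the HTML produced from a note's Markdown here.
    parser = PdfHtmlSanitizer()
    parser.feed(rendered_html)
    parser.close()
    return "".join(parser.out)
```

Text inside unknown tags is kept while the tag itself is removed, so ordinary note content survives; only scriptable subtrees and attributes are lost.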

Added: Dec 4, 2025, 9:25 PM
Updated: Dec 4, 2025, 9:25 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.4
exploitability: 4.4
remediation: 7.7
relevance: 1.3
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.