Open WebUI Stored Cross-Site Scripting Vulnerability in Citation Modal

Vulnerability

A stored cross-site scripting vulnerability has been identified in Open WebUI versions through 0.6.43. The issue arises from the ability to manually edit chat history so that document metadata carries HTML content. That HTML is then rendered in an iframe when the citation is previewed, allowing injected scripts to execute. The script also runs when the citation is viewed in a shared chat, so the payload reaches other users. The problem has been fixed in version 0.7.0.

Impact

Exploitation of this vulnerability allows stored cross-site scripting, where injected scripts execute in the browser context of the user viewing the citation. This could lead to session hijacking or, when the viewer is an admin user, remote code execution on the server.

Reproduction

To reproduce this vulnerability, upload a file in a chat and manually edit the chat history so that the document payload contains an XSS payload, such as a script tag, with the 'html' property in the document metadata set to true. Once the document is updated, the payload executes when the citation is viewed, including in a shared chat.
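The root cause described above and in the Vulnerability section is a trust-boundary problem: a client-editable 'html' flag in document metadata decides whether the citation preview renders stored content as markup. The following Python is an added example, not code from the Open WebUI project or from its 0.7.0 fix. It shows the two things a defender wants here: an audit pass that finds stored documents flagged for HTML rendering (and whether they carry script-like content), and a normalization step that clears the client-supplied flag before the chat is stored, so the preview falls back to escaped text. The message/sources/metadata layout and the field names other than 'html' are assumptions for this example; the sample message is constructed.

```python
import html
import re
from copy import deepcopy

# Constructed sample of a chat message as a client might submit it when
# editing history. The nesting (message -> sources -> document/metadata)
# is an assumption for this example; the advisory only states that the
# document metadata carries an 'html' property that controls rendering.
SAMPLE_MESSAGES = [
    {
        "role": "assistant",
        "content": "See the attached notes.",
        "sources": [
            {
                "document": ["<script>document.title='x'</script><b>notes</b>"],
                "metadata": [{"source": "notes.txt", "html": True}],
            }
        ],
    }
]

# Heuristic for active content: script tags, inline event handlers,
# javascript: URLs. Good enough for triage, not a substitute for a sanitizer.
SCRIPT_PATTERN = re.compile(r"<\s*script\b|\bon\w+\s*=|javascript:", re.IGNORECASE)


def looks_like_script(text):
    """Return True if the document string contains script-like markup."""
    return bool(SCRIPT_PATTERN.search(text or ""))


def find_html_documents(messages):
    """Audit helper: locate every document whose metadata asks to be
    rendered as HTML. Returns (message_idx, source_idx, doc_idx, scripty)."""
    hits = []
    for mi, msg in enumerate(messages):
        for si, src in enumerate(msg.get("sources", [])):
            docs = src.get("document", [])
            for di, meta in enumerate(src.get("metadata", [])):
                if isinstance(meta, dict) and meta.get("html") is True:
                    doc = docs[di] if di < len(docs) else ""
                    hits.append((mi, si, di, looks_like_script(doc)))
    return hits


def neutralize_html_documents(messages):
    """Server-side normalization before a client-edited chat is stored:
    the client never gets to decide that its content is trusted HTML,
    so the flag is cleared on every document. Returns a new structure."""
    cleaned = deepcopy(messages)
    for msg in cleaned:
        for src in msg.get("sources", []):
            for meta in src.get("metadata", []):
                if isinstance(meta, dict) and "html" in meta:
                    meta["html"] = False
    return cleaned


def render_preview(document, metadata):
    """Build the markup a citation preview would load into its frame.
    With the flag set, raw content passes through (the path this advisory
    describes); otherwise the content is escaped so tags are shown as text."""
    if metadata.get("html") is True:
        return document
    return "<pre>" + html.escape(document, quote=True) + "</pre>"


if __name__ == "__main__":
    print("before:", find_html_documents(SAMPLE_MESSAGES))
    safe = neutralize_html_documents(SAMPLE_MESSAGES)
    print("after: ", find_html_documents(safe))
    src = safe[0]["sources"][0]
    print(render_preview(src["document"][0], src["metadata"][0]))
```

Clearing the flag server-side is the minimal policy; a renderer that must support HTML for trusted sources should also load the preview into an iframe with a restrictive sandbox attribute (no allow-same-origin) so that any markup that does slip through cannot reach the application's origin, cookies or tokens.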

Remediation

Users are advised to update to Open WebUI version 0.7.0 or later, where this vulnerability has been patched.

Added: Feb 19, 2026, 9:11 PM
Updated: Feb 19, 2026, 9:11 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.7
exploitability: 4.4
remediation: 7.7
relevance: 3.2
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.