Open WebUI Chat Completions API Access Control Vulnerability

Vulnerability

A vulnerability in Open WebUI prior to version 0.9.0 allows users to access and continue conversations of other users through the Chat Completions API. This issue arises from a lack of proper ownership verification, enabling any user to manipulate chats as long as they know the Chat ID. The vulnerability could lead to unauthorized access to private conversations and sensitive information.

Impact

Exploitation of this vulnerability allows users to read the conversations of others and access private information, provided they know the Chat ID, which is visible in the chat URL.

Reproduction

To reproduce this vulnerability, sign in to Open WebUI with any user account and generate an API key. Then, create a conversation with another user and copy the Chat ID from the URL. Using the API endpoint '/api/chat/completions' with the Chat ID of the other user, the conversation can be continued, demonstrating the lack of access control.

Remediation

Users can update to Open WebUI version 0.9.0 or later, where this vulnerability has been fixed.
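
The missing ownership check described above, sketched as an added example that is not Open WebUI's own code. It uses a hypothetical in-memory chat store (Chat, CHATS, Forbidden and both handler functions are invented names, and the sample data is constructed) to show the lookup-by-ID pattern beside a lookup bound to the authenticated caller.

```python
from dataclasses import dataclass, field


class Forbidden(Exception):
    """Would map to an HTTP 403/404 response in a real handler."""


@dataclass
class Chat:
    id: str
    owner_id: str
    messages: list = field(default_factory=list)


# Constructed sample data: a single chat owned by the user "alice".
CHATS = {"chat-1111": Chat("chat-1111", "alice", ["alice: private notes"])}


def continue_chat_vulnerable(caller_id: str, chat_id: str, prompt: str) -> list:
    """Flawed pattern: the chat is loaded by ID alone, so the caller's
    identity never influences which conversation is read or extended."""
    chat = CHATS[chat_id]
    chat.messages.append(f"{caller_id}: {prompt}")
    return chat.messages  # the owner's history goes back to whoever asked


def continue_chat_checked(caller_id: str, chat_id: str, prompt: str) -> list:
    """Hardened pattern: the caller must own the chat before it is touched."""
    chat = CHATS.get(chat_id)
    # Same error for "does not exist" and "not yours", so a response
    # cannot be used to confirm that a given Chat ID is valid.
    if chat is None or chat.owner_id != caller_id:
        raise Forbidden("chat not found")
    chat.messages.append(f"{caller_id}: {prompt}")
    return chat.messages
```

The caller_id argument stands for the identity derived from the API key on the server side; it must never be taken from the request body.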

Added: May 15, 2026, 8:22 PM
Updated: May 15, 2026, 8:22 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.3
exploitability: 4.6
remediation: 7.7
relevance: 8.0
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.