MEDIUM 6.1 PyPI
Open WebUI Stored Cross-Site Scripting Vulnerability
GHSA-5jp3-wp5v-5363 · CVE-2024-6706
Published · Modified
Description
Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page.
Ready to move
Start Securing
Free, no credit card | First findings in minutes