Skip to content

Commit a9a0eb9

Browse files
committed
add: AVE-2026-0049
1 parent 6c5f9d2 commit a9a0eb9

1 file changed

Lines changed: 40 additions & 0 deletions

File tree

vulns/2026/AVE-2026-0049.toml

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
[basic]
2+
description = "Open WebUI 的引文预览功能存在存储型跨站脚本(Stored XSS)漏洞。攻击者可通过手动修改聊天历史记录,在文档元数据中设置恶意 `html` 属性,使前端在预览引文时将该内容当作 HTML 渲染于 iFrame 中,从而实现 XSS 攻击。该 payload 不仅能在当前聊天中执行,还可通过共享聊天传播。攻击者无需身份认证即可实施攻击,危害范围较广。建议用户升级至修复版本。该漏洞影响了 Open WebUI 的引文模型处理逻辑。"
3+
published = "2026-02-20"
4+
remediation = "升级 Open WebUI 至 0.5.21 或更高版本(该版本修复了 citations 模型中 iFrame 的 HTML 渲染逻辑)。如无法立即升级,可在前端配置中禁用 HTML 内容渲染,或在 WebUI 反向代理层添加 Content-Security-Policy 头限制 iframe 加载来源。同时建议审核所有历史对话中的恶意文档元数据。"
5+
score = 7.5
6+
severity = "HIGH"
7+
sources = ["ghsa"]
8+
title = "Open WebUI 引文模型存储型跨站脚本漏洞"
9+
updated = "2026-02-20"
10+
11+
[exploit]
12+
exp_urls = []
13+
poc_urls = []
14+
15+
[id]
16+
aliases = [
17+
"CVE-2026-26192",
18+
"GHSA-xc8p-9rr6-97r2",
19+
]
20+
ave_id = "AVE-2026-0049"
21+
22+
[meta]
23+
collected_at = "2026-07-14T00:00:00Z"
24+
status = "completed"
25+
26+
[references]
27+
urls = [
28+
"https://github.com/open-webui/open-webui/blob/6f1486ffd0cb288d0e21f41845361924e0d742b3/src/lib/components/chat/Messages/Citations/CitationModal.svelte#L163-L170",
29+
"https://github.com/open-webui/open-webui/security/advisories/GHSA-xc8p-9rr6-97r2",
30+
"https://github.com/trickest/cve/blob/a90de4f84b4783951362f491671e1e9decfc17cb/2026/CVE-2026-26192.md",
31+
"https://github.com/CVEProject/cvelistV5/blob/b8581edcbd9fb1606112c43470d0a7cb92a751f8/cves/2026/26xxx/CVE-2026-26192.json",
32+
"https://github.com/Tabll/gemnasium-db/blob/c78813392a686be9ed8245543249abb80331d014/pypi/open-webui/CVE-2026-26192.yml",
33+
"https://github.com/cisagov/vulnrichment/blob/ed971e3cefde33e9452e919558fe6d8bb57ace07/2026/26xxx/CVE-2026-26192.json",
34+
"https://github.com/zzzteph/low-hanging-vulns/blob/d542be07ac3974f7f57f6bad11af0cbb25117761/nvd/2026/HIGH/CVE-2026-26192/README.md",
35+
"https://github.com/cyberdudebivash/cyberdudebivash-blog/blob/58c134f0816d756d2be404e56b2edadacd32dd12/cve/CVE-2026-26192.html",
36+
"https://github.com/sec-dojo-com/cve-poc/blob/b705b33e466c706c1129370e07ab2e4166c35b4c/pocs/2026/CVE-2026-26192.md",
37+
"https://github.com/edoardottt/missing-cve-nuclei-templates/blob/36c16d53eb6071e39cfc3cf88e99f1b340ec913b/data/year/2026.txt",
38+
"https://github.com/stevologic/security-recipes.ai/blob/f6129ff19f955337f9f194ea8d5a3937dce9acb8/content/recipes/cve/cve-2026-26192-open-webui-vulnerable-to-stored-xss-via-iframe-in-citations-model.md",
39+
"https://github.com/pypa/advisory-database/blob/5e587a8ca2389113109c3f01f9622509efbf6148/vulns/open-webui/PYSEC-2026-2769.yaml",
40+
]

0 commit comments

Comments
 (0)