|
| 1 | +[basic] |
| 2 | +description = "Open WebUI 的引文预览功能存在存储型跨站脚本(Stored XSS)漏洞。攻击者可通过手动修改聊天历史记录,在文档元数据中设置恶意 `html` 属性,使前端在预览引文时将该内容当作 HTML 渲染于 iFrame 中,从而实现 XSS 攻击。该 payload 不仅能在当前聊天中执行,还可通过共享聊天传播。攻击者无需身份认证即可实施攻击,危害范围较广。建议用户升级至修复版本。该漏洞影响了 Open WebUI 的引文模型处理逻辑。" |
| 3 | +published = "2026-02-20" |
| 4 | +remediation = "升级 Open WebUI 至 0.5.21 或更高版本(该版本修复了 citations 模型中 iFrame 的 HTML 渲染逻辑)。如无法立即升级,可在前端配置中禁用 HTML 内容渲染,或在 WebUI 反向代理层添加 Content-Security-Policy 头限制 iframe 加载来源。同时建议审核所有历史对话中的恶意文档元数据。" |
| 5 | +score = 7.5 |
| 6 | +severity = "HIGH" |
| 7 | +sources = ["ghsa"] |
| 8 | +title = "Open WebUI 引文模型存储型跨站脚本漏洞" |
| 9 | +updated = "2026-02-20" |
| 10 | + |
| 11 | +[exploit] |
| 12 | +exp_urls = [] |
| 13 | +poc_urls = [] |
| 14 | + |
| 15 | +[id] |
| 16 | +aliases = [ |
| 17 | + "CVE-2026-26192", |
| 18 | + "GHSA-xc8p-9rr6-97r2", |
| 19 | +] |
| 20 | +ave_id = "AVE-2026-0049" |
| 21 | + |
| 22 | +[meta] |
| 23 | +collected_at = "2026-07-14T00:00:00Z" |
| 24 | +status = "completed" |
| 25 | + |
| 26 | +[references] |
| 27 | +urls = [ |
| 28 | + "https://github.com/open-webui/open-webui/blob/6f1486ffd0cb288d0e21f41845361924e0d742b3/src/lib/components/chat/Messages/Citations/CitationModal.svelte#L163-L170", |
| 29 | + "https://github.com/open-webui/open-webui/security/advisories/GHSA-xc8p-9rr6-97r2", |
| 30 | + "https://github.com/trickest/cve/blob/a90de4f84b4783951362f491671e1e9decfc17cb/2026/CVE-2026-26192.md", |
| 31 | + "https://github.com/CVEProject/cvelistV5/blob/b8581edcbd9fb1606112c43470d0a7cb92a751f8/cves/2026/26xxx/CVE-2026-26192.json", |
| 32 | + "https://github.com/Tabll/gemnasium-db/blob/c78813392a686be9ed8245543249abb80331d014/pypi/open-webui/CVE-2026-26192.yml", |
| 33 | + "https://github.com/cisagov/vulnrichment/blob/ed971e3cefde33e9452e919558fe6d8bb57ace07/2026/26xxx/CVE-2026-26192.json", |
| 34 | + "https://github.com/zzzteph/low-hanging-vulns/blob/d542be07ac3974f7f57f6bad11af0cbb25117761/nvd/2026/HIGH/CVE-2026-26192/README.md", |
| 35 | + "https://github.com/cyberdudebivash/cyberdudebivash-blog/blob/58c134f0816d756d2be404e56b2edadacd32dd12/cve/CVE-2026-26192.html", |
| 36 | + "https://github.com/sec-dojo-com/cve-poc/blob/b705b33e466c706c1129370e07ab2e4166c35b4c/pocs/2026/CVE-2026-26192.md", |
| 37 | + "https://github.com/edoardottt/missing-cve-nuclei-templates/blob/36c16d53eb6071e39cfc3cf88e99f1b340ec913b/data/year/2026.txt", |
| 38 | + "https://github.com/stevologic/security-recipes.ai/blob/f6129ff19f955337f9f194ea8d5a3937dce9acb8/content/recipes/cve/cve-2026-26192-open-webui-vulnerable-to-stored-xss-via-iframe-in-citations-model.md", |
| 39 | + "https://github.com/pypa/advisory-database/blob/5e587a8ca2389113109c3f01f9622509efbf6148/vulns/open-webui/PYSEC-2026-2769.yaml", |
| 40 | +] |
0 commit comments