Product
Open WebUI version 0.1.105 is vulnerable to arbitrary file upload and path traversal, allowing attackers to upload files to arbitrary locations on the web server's filesystem by exploiting a lack of filename validation.