Tag

Session-Management

1 brief RSS

Open WebUI CORS Misconfiguration and Session Validation Vulnerability Leads to RCE

Open WebUI version v0.3.10 has a CORS misconfiguration and session validation issue that can lead to remote code execution due to a one-click attack against admin users.

open-webui cors rce session-management

2r 1t 1h ago