CVE-2026-54011 | open-webui Open WebUI up to 0.9.5 JavaScript Execution cross site scripting (GHSA-v8qj-hxv7-mgvv)
A vulnerability marked as problematic has been reported in open-webui Open WebUI up to 0.9.5. Affected is an unknown function of the component JavaScript Execution. This manipulation causes cross site scripting.
This vulnerability appears as CVE-2026-54011. The attack may be initiated remotely. There is no available exploit.
It is suggested to upgrade the affected component.