Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability.
2024-08-07T23:15:41.457
2024-11-21T09:50:09.680
Modified
bbf0bd87-ece2-41be-b873-96928ee8fab9
CVSSv3.1: 8.8 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | openwebui | open_webui | 0.1.105 | Yes |
| Operating System | debian | debian_linux | 12.0 | No |