CVE-2025-65959: Open WebUI Vulnerable to Stored DOM XSS via Note 'Download PDF'

December 4, 2025

A Stored XSS vulnerability has been discovered in Open-WebUI’s Notes PDF download functionality. An attacker can import a Markdown file containing malicious SVG tags into Notes, allowing them to execute arbitrary JavaScript code and steal session tokens when a victim downloads the note as PDF.

This vulnerability can be exploited by any authenticated user, and unauthenticated external attackers can steal session tokens from users (both admin and regular users) by sharing specially crafted markdown files.

References

github.com/advisories/GHSA-8wvc-869r-xfqf
github.com/open-webui/open-webui
github.com/open-webui/open-webui/commit/03cc6ce8eb5c055115406e2304fbf7e3338b8dce
github.com/open-webui/open-webui/security/advisories/GHSA-8wvc-869r-xfqf
nvd.nist.gov/vuln/detail/CVE-2025-65959

Code Behaviors & Features

Detect and mitigate CVE-2025-65959 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →