Filtered by vendor Openwebui
Subscriptions
Total
21 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-7049 | 2 Open-webui, Openwebui | 2 Open-webui, Open Webui | 2024-10-17 | 5.4 Medium |
| In version v0.3.8 of open-webui/open-webui, a vulnerability exists where a token is returned when a user with a pending role logs in. This allows the user to perform actions without admin confirmation, bypassing the intended approval process. | ||||