Open WebUI allows an attacker to execute arbitrary JavaScript in the context of the client’s browser by embedding malicious code within an Office/Excel/DOCX file that is rendered as HTML. The rendering process uses XLSX.utils.sheet_to_html() to generate HTML and then injects that output into the page via {@html excelHtml} without applying DOMPurify, creating a classic stored XSS vulnerability. An attacker who can supply a malicious file can steal session cookies, perform credential theft, or take control of the victim’s session, thereby compromising confidentiality and integrity of user data.

The affected product is open-webui by open-webui. Versions released before 0.9.3 are vulnerable; the flaw was reintroduced sometime after v0.8.0 and is fixed in 0.9.3. No additional products or versions are listed.

The CVSS score of 5.4 indicates a moderate severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting low to moderate exploitation probability. Exploitation requires the ability to upload or otherwise provide a malicious Office/Excel/DOCX file that will be previewed, so users with upload privileges are at risk. Once executed, injected scripts run with the privileges of the viewing user, enabling session hijacking or data exfiltration. The lack of an active KEV listing reduces the likelihood of widespread exploitation, but the presence of a moderate CVSS score warrants prompt remediation.