Cross-site Request Forgery (CSRF) Affecting open-webui package, versions [,0.9.3)


Severity

medium (CVSS assessment by Snyk's Security Team)

Threat Intelligence

Exploit Maturity: Proof of Concept
EPSS: 0.17% (7th percentile)

  • Snyk ID: SNYK-PYTHON-OPENWEBUI-16755218
  • published: 19 May 2026
  • disclosed: 14 May 2026
  • credit: bray-sec

Introduced: 14 May 2026

CVE-2026-45317
CWE-352

How to fix?

Upgrade open-webui to version 0.9.3 or higher.

Overview

open-webui is the Python package for Open WebUI.

Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) through the get_user_profile_image_by_id and get_model_profile_image handlers in the profile image endpoints. An attacker can supply an external http(s) URL as a user or model profile image; when a victim's browser fetches that image through one of these endpoints, the application answers with a 302 redirect to the attacker-controlled origin and the browser follows it, exposing the victim's IP address, User-Agent and Referer to the attacker. Cookies are scoped to their own origin, so the application's session cookie is not sent to the attacker's host; the exposure is the request metadata listed above.
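As an added example (not Open WebUI's code, and not the fix shipped in 0.9.3), the block below reconstructs the redirect pattern the advisory describes as a plain Python handler model and places a hardened variant beside it: the hardened handler redirects only to the application's own origin, serves inline data: images as-is, and otherwise falls back to a bundled default avatar instead of bouncing the viewer's browser to a third-party host. The deployment origin, the default avatar path, the function names and the sample URLs are all assumptions.

```python
# Added illustration, not Open WebUI's code: a minimal model of the profile image
# handler pattern described in the advisory and a hardened variant. Responses are
# modelled as (status, target) tuples so the logic runs without a web framework.
from urllib.parse import urlsplit

APP_ORIGIN = "https://webui.example.internal"   # assumed deployment origin
DEFAULT_AVATAR = "/static/user.png"             # assumed bundled fallback image


def vulnerable_profile_image_response(stored_url: str) -> tuple[int, str]:
    """The pattern the advisory describes: any stored http(s) URL is answered with
    a 302 to that URL regardless of origin. The victim's browser follows it and the
    attacker's server receives the victim's IP, User-Agent and Referer."""
    if stored_url.startswith(("http://", "https://")):
        return (302, stored_url)
    return (200, stored_url)   # data: URLs / local files would be served inline


def is_same_origin(url: str, app_origin: str = APP_ORIGIN) -> bool:
    """Accept only app-relative paths or absolute http(s) URLs on app_origin.

    Inputs that a naive prefix check gets wrong, handled by comparing the full
    scheme://netloc and by refusing characters browsers reinterpret:
      - "//attacker.example/a.png": scheme-relative, host lands in netloc
      - "///attacker.example/a.png": browsers collapse the slashes to a host
      - "/\\attacker.example/a.png": browsers treat "\\" as "/" in http(s) URLs
      - "https://webui.example.internal@attacker.example/": netloc keeps userinfo
      - "HTTPS://WEBUI.EXAMPLE.INTERNAL/": compared case-insensitively
      - "http://webui.example.internal/": a scheme downgrade is another origin
    """
    candidate = url.strip()
    if any(ch in candidate for ch in "\\\t\r\n"):
        return False   # backslashes and embedded whitespace change how browsers parse
    parts = urlsplit(candidate)
    if parts.scheme == "" and parts.netloc == "":
        # a plain path on our own origin; "//host" never lands here because
        # urlsplit puts the host into netloc, but "///host" does, so refuse it
        return candidate.startswith("/") and not candidate.startswith("//")
    if parts.scheme not in ("http", "https"):
        return False   # javascript:, file:, ftp: and anything else
    return f"{parts.scheme}://{parts.netloc}".lower() == app_origin.lower()


def hardened_profile_image_response(stored_url: str,
                                    app_origin: str = APP_ORIGIN) -> tuple[int, str]:
    """Redirect only to the application's own origin; inline data: images are
    served as-is; anything else falls back to the bundled default avatar."""
    if stored_url.startswith("data:image/"):
        return (200, stored_url)
    if is_same_origin(stored_url, app_origin):
        return (302, stored_url)
    return (200, DEFAULT_AVATAR)


def validate_profile_image_url_on_write(url: str, app_origin: str = APP_ORIGIN) -> str:
    """The same policy applied when the URL is stored, so an external target
    cannot be persisted in the first place. Returns the URL or raises ValueError."""
    if url.startswith("data:image/") or is_same_origin(url, app_origin):
        return url
    raise ValueError("profile image must be an inline data: image or a same-origin URL")


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real deployment.
    samples = [
        "https://attacker.example/track.png",
        "//attacker.example/track.png",
        "///attacker.example/track.png",
        "https://webui.example.internal@attacker.example/track.png",
        "http://webui.example.internal/a.png",
        "HTTPS://WEBUI.EXAMPLE.INTERNAL/api/v1/files/abc/content",
        "/static/user.png",
        "data:image/png;base64,iVBORw0KGgo=",
    ]
    for s in samples:
        print(f"{s[:60]:<60} vulnerable={vulnerable_profile_image_response(s)[0]} "
              f"hardened={hardened_profile_image_response(s)}")
```

The hardened variant deliberately refuses external URLs rather than fetching them server-side and streaming the bytes back: a server-side fetch of an attacker-supplied URL would trade the redirect for an SSRF surface. Applying the same check on write (validate_profile_image_url_on_write) keeps already-stored external URLs from surviving an upgrade, which a serve-time check alone does not guarantee for existing records.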
