open-webui: Path traversal in cache file serving allows reading sibling directories
What changed
A path traversal vulnerability in open-webui's cache file serving endpoint allows authenticated users to read files from sibling directories whose names start with 'cache' (e.g., cache_sibling, cache_backup). The bug is in serve_cache_file(), which checks file_path.startswith(os.path.abspath(CACHE_DIR)) without a trailing os.sep, so a resolved path whose name merely begins with the cache directory's name (CACHE_DIR + '_sibling') passes the check. This is a narrow bypass: only such same-parent, 'cache'-prefixed directories are reachable.
Who it affects
Any authenticated user (role 'user' or 'admin') can read files from sibling directories that start with 'cache' located adjacent to the configured CACHE_DIR. Deep traversal and absolute paths are blocked.
What to do today
Apply the suggested fix by appending os.sep to the prefix in the startswith check, so that only paths strictly inside CACHE_DIR match: change file_path.startswith(os.path.abspath(CACHE_DIR)) to file_path.startswith(os.path.abspath(CACHE_DIR) + os.sep).
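To make the bypass and the fix concrete, the following is an added example (not open-webui's own code): the prefix check as the advisory describes it, the suggested os.sep fix, and a commonpath-based variant that also resolves symlinks. The directory layout and file names are constructed for illustration; CACHE_DIR is a placeholder, not open-webui's real setting.

```python
import os

# Constructed layout (placeholders, not open-webui's configuration):
#   /srv/app/cache           <- CACHE_DIR, files here may be served
#   /srv/app/cache_sibling   <- adjacent directory that must stay unreadable
CACHE_DIR = "/srv/app/cache"


def is_allowed_vulnerable(file_path: str, cache_dir: str = CACHE_DIR) -> bool:
    """Check as described in the advisory: prefix match without a trailing separator.

    '/srv/app/cache_sibling/x' starts with '/srv/app/cache', so it is accepted.
    """
    resolved = os.path.abspath(file_path)
    return resolved.startswith(os.path.abspath(cache_dir))


def is_allowed_fixed(file_path: str, cache_dir: str = CACHE_DIR) -> bool:
    """Suggested fix: require the separator so only descendants of cache_dir match.

    Note that cache_dir itself no longer matches, which is fine for a file endpoint.
    """
    resolved = os.path.abspath(file_path)
    return resolved.startswith(os.path.abspath(cache_dir) + os.sep)


def is_allowed_commonpath(file_path: str, cache_dir: str = CACHE_DIR) -> bool:
    """Alternative containment check (my addition, not the advisory's fix).

    realpath() also follows symlinks, and commonpath() compares whole path
    components, so 'cache' vs 'cache_sibling' can never be confused.
    """
    root = os.path.realpath(cache_dir)
    target = os.path.realpath(file_path)
    return target != root and os.path.commonpath([root, target]) == root


def evaluate(paths):
    """Return {path: (vulnerable_result, fixed_result)} for a list of requested paths."""
    return {p: (is_allowed_vulnerable(p), is_allowed_fixed(p)) for p in paths}


if __name__ == "__main__":
    samples = [
        "/srv/app/cache/avatar.png",            # legitimate cache file
        "/srv/app/cache_sibling/secret.txt",    # sibling dir: bypasses old check
        "/srv/app/cache/../cache_backup/db.bak",  # normalises to a sibling dir
        "/srv/app/../etc/passwd",               # deep traversal: blocked by both
    ]
    for path, (old, new) in evaluate(samples).items():
        print(f"{path}: old={old} fixed={new}")
```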