Open WebUI: Prompt Version History Authorization Bypass

Three prompt version-history endpoints fail to verify that the history entry belongs to the authorized prompt, allowing authenticated users to read or delete another user's private prompt history snapshots.

All deployments of Open WebUI where users can create prompts and have access to at least one prompt they control, and where an attacker can obtain victim prompt_history IDs.

Apply the recommended fix: bind every prompt-history operation to the authorized prompt by checking history_entry.prompt_id == prompt.id in compute_diff, delete_history_entry, and update_prompt_version, returning 404/403 on mismatch.