python · open-webui · Critical

open-webui: Stored XSS via Mermaid in Markdown Preview


18 Jun 2026 · Severity: act now

What changed

Open WebUI renders Mermaid blocks from Markdown files in the file preview panel with securityLevel set to 'loose', allowing stored XSS via malicious Mermaid content.

Who it affects

Users who open attacker-supplied Markdown files in the preview panel. All versions are affected, including main and v0.8.12.

What to do today

Upgrade to a patched version, or apply the remediation by setting Mermaid's securityLevel to 'strict'.
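The remediation in practice, as an added example that is not Open WebUI's own code: the weak Mermaid configuration the advisory describes beside the corrected one, plus a small guard a preview renderer can apply to any configuration it is handed. It assumes the standard `mermaid.initialize(config)` entry point of the mermaid library and its documented `securityLevel` values ('strict', 'antiscript', 'sandbox', 'loose'); the helper names `isSafeForUntrusted` and `hardenMermaidConfig` are hypothetical.

```javascript
// Added example (not Open WebUI's code). Mermaid's securityLevel option decides
// how much of a diagram's text is treated as HTML; for diagrams sourced from
// user-uploaded Markdown only the encoding/sandboxing levels are acceptable.
// Assumed API: mermaid.initialize(config) from the mermaid npm package.

// Documented securityLevel values and what each one permits.
const SECURITY_LEVELS = {
  strict: 'HTML in labels is encoded, click callbacks disabled (mermaid default)',
  antiscript: 'HTML allowed, <script> tags removed; still lets markup through',
  sandbox: 'diagram rendered inside a sandboxed iframe',
  loose: 'HTML and click callbacks allowed; unsafe for untrusted content',
};

// Weak configuration of the kind the advisory describes.
const weakConfig = { startOnLoad: false, securityLevel: 'loose' };

// Corrected configuration for rendering untrusted Markdown previews.
const hardenedConfig = { startOnLoad: false, securityLevel: 'strict' };

// True only when the config is acceptable for diagrams from untrusted files.
// An absent securityLevel falls back to mermaid's default, which is 'strict'.
function isSafeForUntrusted(config) {
  const level =
    config && config.securityLevel !== undefined ? config.securityLevel : 'strict';
  return level === 'strict' || level === 'sandbox';
}

// Returns a copy of `config` with securityLevel forced to 'strict' whenever the
// supplied level is not safe for untrusted input. Each override is appended to
// `overrides` so a caller can log or assert on what was changed. The input
// object is never mutated, so the caller's settings remain inspectable.
function hardenMermaidConfig(config, overrides = []) {
  const out = { ...(config || {}) };
  if (!isSafeForUntrusted(out)) {
    overrides.push(`securityLevel ${String(out.securityLevel)} -> strict`);
    out.securityLevel = 'strict';
  } else if (out.securityLevel === undefined) {
    // Make the default explicit so a later config merge cannot silently relax it.
    out.securityLevel = 'strict';
  }
  return out;
}

// Intended use in a preview panel (hypothetical call site):
//   mermaid.initialize(hardenMermaidConfig(userSuppliedConfig));
module.exports = { SECURITY_LEVELS, weakConfig, hardenedConfig, isSafeForUntrusted, hardenMermaidConfig };
```

The guard deliberately rejects 'antiscript' as well as 'loose': removing script tags still leaves other HTML in labels, and the advisory's remediation is specifically 'strict'. Pinning the level at the single place that calls `mermaid.initialize` is easier to audit than trusting each renderer to pass the right value.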
