CVE-2024-7041 | open-webui up to 0.3.8 API Endpoint update unnecessary privileges

Posted by Angelo Barbosa | Oct 9, 2024 | CVE

A vulnerability has been found in open-webui up to 0.3.8 and classified as problematic. This vulnerability affects unknown code of the file /api/v1/memories/{id}/update of the component API Endpoint. The manipulation leads to execution with unnecessary privileges.

This vulnerability was named CVE-2024-7041. The attack can be initiated remotely. There is no exploit available.

CVE-2024-7041 | open-webui up to 0.3.8 API Endpoint update unnecessary privileges

Related Posts

CVE-2023-7172 | PHPGurukul Hospital Management System 1.0 Admin Dashboard sql injection

CVE-2024-5520 | Alkacon OpenCMS 16 Admin Panel title cross site scripting

CVE-2023-45084 | SoftIron HyperCloud up to 2.0.2 Drive Caddy missing synchronization

CVE-2024-0570 | Totolink N350RT 9.3.5u.6265 Setting /cgi-bin/cstecgi.cgi access control