A critical, unpatched vulnerability is actively threatening Open WebUI users, turning a simple profile picture upload into a gateway for complete system compromise. Security researchers have publicly disclosed a severe stored Cross-Site Scripting (XSS) flaw that enables 1-click Remote Code Execution (RCE) and full account hijacking with no patch currently available. The security flaw resides […]
The post Open WebUI File Upload Vulnerability Enables One-Click RCE Attacks appeared first on Cyber Security News.