CVE-2025-64496 | open-webui Open WebUI up to 0.6.34 Direct Connections Feature cross site scripting (GHSA-cm35-v4vp-5xvx)

A vulnerability categorized as problematic has been discovered in open-webui Open WebUI up to 0.6.34. Affected by this vulnerability is an unknown functionality of the component Direct Connections Feature. The manipulation results in cross site scripting.

This vulnerability is cataloged as CVE-2025-64496. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More