CVE-2025-59053 | moeru-ai airi 0.7.2-beta.2 MarkdownRenderer.vue highlightTagToHtml cross site scripting (GHSA-9832-f8jx-hw6f)

Inserito da Angelo Barbosa | Set 12, 2025 | CVE

A vulnerability identified as problematic has been detected in moeru-ai airi 0.7.2-beta.2. Affected by this issue is the function highlightTagToHtml in the library crates/tauri-plugin-mcp/src/lib.rs of the file packages/stage-ui/src/components/MarkdownRenderer.vue. This manipulation causes cross site scripting.

This vulnerability is handled as CVE-2025-59053. The attack can be initiated remotely. There is not any exploit available.

To fix this issue, it is recommended to deploy a patch.

CVE-2025-59053 | moeru-ai airi 0.7.2-beta.2 MarkdownRenderer.vue highlightTagToHtml cross site scripting (GHSA-9832-f8jx-hw6f)

Post correlati

CVE-2025-22262 | NotFound Bonjour Bar Plugin up to 1.0.0 on WordPress cross site scripting

CVE-2024-40859 | Apple macOS up to 14.7 permission

CVE-2023-43997 | Yoruichi hobby base mini-app on Line 13.6.1 Channel Access Token information disclosure

CVE-2024-33566 | N-Media OrderConvo Plugin up to 12.4 on WordPress authorization