CVE-2025-4779 | lunary-ai lunary up to 1.9.23 dangerouslySetInnerHTML citations cross site scripting

Inserito da Angelo Barbosa | Lug 7, 2025 | CVE

A vulnerability classified as problematic was found in lunary-ai lunary up to 1.9.23. This vulnerability affects the function dangerouslySetInnerHTML. The manipulation of the argument citations leads to cross site scripting.

This vulnerability was named CVE-2025-4779. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-4779 | lunary-ai lunary up to 1.9.23 dangerouslySetInnerHTML citations cross site scripting

Post correlati

CVE-2025-1348 | IBM Sterling B2B Integrator/Sterling File Gateway up to 6.1.2.6/6.2.0.4 web browser cache containing sensitive information

CVE-2025-45514 | Tenda FH451 1.0.0.9 frmL7ImForm stack-based overflow

CVE-2025-3078 | Canon imageRUNNER ADVANCE insufficiently protected credentials

CVE-2024-55894 | TYPO3 up to 10.4.47/11.5.41/12.4.24/13.4.2 Backend User Module cross-site request forgery (GHSA-6w4x-gcx3-8p7v)