PT-2025-34524 · Lunary Ai · Lunary
Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary versions up to 1.9.23 Description: A critical stored Cross-Site Scripting XSS vulnerability exists in the Analytics component. The NEXT PUBLIC CUSTOM SCRIPT environment variable is directly injected into the DOM using...