CVE-2025-4779 – This stored XSS vulnerability in lunary-ai/luna... (How to Fix)

Q: What is the severity of CVE-2025-4779?

CVE-2025-4779 has a CVSS score of 6.1 (MEDIUM). This stored XSS vulnerability in lunary-ai/lunary allows unauthenticated attackers to inject malicious JavaScript via the v1/runs/ingest endpoint. When exploited, arbitrary code executes in users' browsers, potentially compromising sessions and stealing data. All users running versions before 1.9.24 are affected.

📋 TL;DR

This stored XSS vulnerability in lunary-ai/lunary allows unauthenticated attackers to inject malicious JavaScript via the v1/runs/ingest endpoint. When exploited, arbitrary code executes in users' browsers, potentially compromising sessions and stealing data. All users running versions before 1.9.24 are affected.

💻 Affected Systems

Products:

lunary-ai/lunary

Versions: All versions prior to 1.9.24

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in default configuration when using the ingest endpoint.

📦 What is this software?

Lunary by Lunary

View all CVEs affecting Lunary →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers hijack admin sessions, steal sensitive data, deploy ransomware, or pivot to internal systems through compromised browsers.

🟠

Likely Case

Session hijacking leading to unauthorized access, data exfiltration, or credential theft from authenticated users.

🟢

If Mitigated

Limited impact with proper CSP headers and input validation, though XSS may still bypass some controls.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit requires sending crafted payload to ingest endpoint; no authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.9.24

Vendor Advisory: https://github.com/lunary-ai/lunary/commit/18750294a76ff6c0f3f1b6af4ac1a23399836b16

Restart Required: Yes

Instructions:

1. Update lunary to version 1.9.24 or later. 2. Restart the lunary service. 3. Verify the fix by checking the version.

🔧 Temporary Workarounds

Input Validation Filter

all

Add server-side validation to reject empty citations fields or sanitize input.

Modify server code to validate/sanitize citations parameter

CSP Header Implementation

all

Implement Content Security Policy headers to restrict script execution.

Add 'Content-Security-Policy: script-src 'self'' to HTTP headers

🧯 If You Can't Patch

Disable or restrict access to the v1/runs/ingest endpoint using firewall rules or WAF.
Implement strict input validation and output encoding for all user-controlled data.

🔍 How to Verify

Check if Vulnerable:

Check if lunary version is below 1.9.24 and test by sending empty citations field to ingest endpoint.

Check Version:

Check package.json or run 'npm list lunary' if using npm, or inspect deployment version.

Verify Fix Applied:

Update to 1.9.24+ and test that empty citations no longer trigger XSS; verify commit 18750294 is applied.

📡 Detection & Monitoring

Log Indicators:

Unusual POST requests to /v1/runs/ingest with empty or malformed citations
JavaScript payloads in request logs

Network Indicators:

HTTP requests with empty citations parameter to ingest endpoint
Suspicious script tags in network traffic

SIEM Query:

source="web_logs" AND uri_path="/v1/runs/ingest" AND (citations="" OR citations=null)

📊 Metadata

CVE ID: CVE-2025-4779

CVSS v3 Score: 6.1 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE: CWE-79

EPSS Score: 0.15% exploit probability (36th percentile)

Published: July 7, 2025

Last Updated: December 3, 2025

🔗 References

https://github.com/lunary-ai/lunary/commit/18750294a76ff6c0f3f1b6af4ac1a23399836b16 Patch
https://huntr.com/bounties/c603b64e-5171-4eed-8983-a7f656ce2c4d Exploit,Patch,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-4779, you might also want to check these: