CVE-2025-0281
MEDIUMlunary < 1.7.10 - Stored Cross-Site Scripting via SAML IdP XML Metadata
Title source: llmDescription
A stored cross-site scripting (XSS) vulnerability exists in lunary-ai/lunary versions 1.6.7 and earlier. An attacker can inject malicious JavaScript into the SAML IdP XML metadata, which is used to generate the SAML login redirect URL. This URL is then set as the value of `window.location.href` without proper validation or sanitization. This vulnerability allows the attacker to execute arbitrary JavaScript in the context of the user's browser, potentially leading to session hijacking, data theft, or other malicious actions. The issue is fixed in version 1.7.10.
References (2)
Core 2
Core References
Exploit, Third Party Advisory
https://huntr.com/bounties/b3f4a655-5b08-4fef-be2c-aac8703ad5d0
Scores
CVSS v3
5.4
EPSS
0.0035
EPSS Percentile
27.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-79
Status
published
Products (1)
lunary/lunary
< 1.7.10
Published
Mar 20, 2025
Tracked Since
Feb 18, 2026