CVE-2025-5352 | lunary-ai lunary up to 1.9.24 Analytics NEXT_PUBLIC_CUSTOM_SCRIPT cross site scripting

A vulnerability categorized as problematic has been discovered in lunary-ai lunary up to 1.9.24. Affected is an unknown function of the component Analytics Component. The manipulation of the argument NEXT_PUBLIC_CUSTOM_SCRIPT results in cross site scripting.

This vulnerability is known as CVE-2025-5352. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More