CVE-2025-4779: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in lunary-ai lunary-ai/lunary

Critical
Published: Mon Jul 07 2025 (07/07/2025, 09:53:10 UTC)
Source: CVE Database V5
Vendor/Project: lunary-ai
Product: lunary-ai/lunary

Description

lunary-ai/lunary versions prior to 1.9.24 are vulnerable to stored cross-site scripting (XSS). An unauthenticated attacker can inject malicious JavaScript into the `v1/runs/ingest` endpoint by adding an empty `citations` field, triggering a code path where `dangerouslySetInnerHTML` is used to render attacker-controlled text. This vulnerability allows the execution of arbitrary JavaScript in the context of the user's browser, potentially leading to session hijacking, data theft, or other malicious actions.

AI-Powered Analysis

Last updated: 07/07/2025, 10:24:44 UTC

Technical Analysis

CVE-2025-4779 is a critical stored cross-site scripting (XSS) vulnerability affecting lunary-ai's lunary product versions prior to 1.9.24. The vulnerability arises from improper neutralization of input during web page generation, specifically within the `v1/runs/ingest` API endpoint. An unauthenticated attacker can exploit this flaw by submitting a request with an empty `citations` field, which triggers a code path where the React property `dangerouslySetInnerHTML` is used to render attacker-controlled content without proper sanitization. This allows the injection and execution of arbitrary JavaScript in the context of the victim user's browser. The impact of this vulnerability includes potential session hijacking, theft of sensitive data, unauthorized actions performed on behalf of the user, and further compromise of the affected web application or its users. The vulnerability has a CVSS v3.0 base score of 9.1, indicating critical severity, with an attack vector that requires no authentication or user interaction, making it highly exploitable remotely. Although no known exploits are currently reported in the wild, the ease of exploitation and the critical impact on confidentiality and integrity make this a significant threat. The vulnerability is categorized under CWE-79, which is a common and well-understood class of web application security flaws related to improper input sanitization and output encoding.

Potential Impact

For European organizations using lunary-ai/lunary, this vulnerability poses a severe risk to the confidentiality and integrity of their web applications and user data. Successful exploitation could lead to session hijacking, allowing attackers to impersonate legitimate users and access sensitive information or perform unauthorized actions. This could result in data breaches involving personal data protected under GDPR, leading to regulatory penalties and reputational damage. Additionally, the execution of arbitrary scripts could facilitate further attacks such as phishing, malware distribution, or lateral movement within the organization's network. Since the vulnerability is exploitable without authentication or user interaction, attackers can target public-facing instances of lunary-ai/lunary, increasing the likelihood of widespread exploitation. The availability impact is low, but the overall business impact is high due to potential data loss, compliance violations, and erosion of user trust.

Mitigation Recommendations

European organizations should immediately upgrade lunary-ai/lunary to version 1.9.24 or later, where this vulnerability is addressed. If upgrading is not immediately feasible, implement strict input validation and sanitization on the `v1/runs/ingest` endpoint to reject or properly encode any input that could be interpreted as executable code. Avoid using `dangerouslySetInnerHTML` or ensure that any use of it is accompanied by robust sanitization libraries such as DOMPurify to neutralize malicious scripts. Employ Content Security Policy (CSP) headers to restrict the execution of untrusted scripts and reduce the impact of potential XSS attacks. Regularly audit and monitor web application logs for suspicious activity related to this endpoint. Conduct security testing, including automated and manual penetration tests focused on XSS vulnerabilities, to verify the effectiveness of mitigations. Additionally, educate developers on secure coding practices to prevent similar issues in future releases.

Technical Details

Data Version: 5.1
Assigner Short Name: @huntr_ai
Date Reserved: 2025-05-15T14:03:54.703Z
CVSS Version: 3.0
State: PUBLISHED

Threat ID: 686b9cd26f40f0eb72e2e268

Added to database: 7/7/2025, 10:09:22 AM

Last enriched: 7/7/2025, 10:24:44 AM

Last updated: 7/7/2025, 10:24:44 AM
