Vulnerabilities > Lunary > Lunary > 1.4.31

DATE CVE VULNERABILITY TITLE RISK
2025-03-20 CVE-2024-11300 Unspecified vulnerability in Lunary
In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a user can access prompt data of another user.
network
low complexity
lunary
6.5
2025-03-20 CVE-2025-0281 Cross-site Scripting vulnerability in Lunary
A stored cross-site scripting (XSS) vulnerability exists in lunary-ai/lunary versions 1.6.7 and earlier.
network
low complexity
lunary CWE-79
5.4