Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple stored cross-site scripting (“XSS”) vulnerabilities in the markdown dashboard and dashboard comment functionality of Lightdash version 0.1024.6 allows remote authenticated threat actors to inject malicious scripts into vulnerable web pages. A threat actor could potentially exploit this vulnerability to store malicious JavaScript which executes in the context of a user’s session with the application.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Lightdash 跨站脚本漏洞
Vulnerability Description
Lightdash是Lightdash开源的一个可视化数据分析工具。 Lightdash 0.1024.6版本存在跨站脚本漏洞,该漏洞源于其markdown仪表板和仪表板评论功能中,容易受到存储型跨站脚本(XSS)攻击,可能允许远程认证的威胁参与者将恶意脚本注入到易受攻击的网页中。
CVSS Information
N/A
Vulnerability Type
N/A