N/A

Lightdash version 0.1024.6 allows users with the necessary permissions, such as Administrator or Editor, to create and share dashboards. A dashboard that contains HTML elements which point to a threat actor controlled source can trigger an SSRF request when exported, via a POST request to /api/v1/dashboards//export. The forged request contains the value of the exporting user’s session token. A threat actor could obtain the session token of any user who exports the dashboard. The obtained session token can be used to perform actions as the victim on the application, resulting in session takeover.

N/A

通过发送数据的信息暴露

Lightdash 安全漏洞

Lightdash是Lightdash开源的一个可视化数据分析工具。 Lightdash 0.1024.6版本存在安全漏洞，该漏洞源于服务端请求伪造（SSRF）问题，可能允许威胁参与者在用户导出包含指向威胁源的HTML元素的仪表板时获取用户的会话令牌，从而导致会话劫持。

N/A

N/A