Lightdash: Malicious Dashboard Exports

In Lightdash version 0.1024.6 a high severity vulnerability CVE-2024-6586 has been detected. This vulnerability allows users with the necessary permissions to create and share dashboards containing HTML elements that can point to a threat actor-controlled source, which may trigger an SSRF request when exported via a POST request to /api/v1/dashboards//export. To fix this issue, users should upgrade to Lightdash version 0.1027.2. For more details, please visit the https://nvd.nist.gov/vuln/detail/CVE-2024-6586.