CVE-2024-6586 | Lightdash 0.510.3 export insertion of sensitive information into sent data (GHSA-4h7x-6vxh-7hjf)

Inserito da Angelo Barbosa | Ago 31, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Lightdash 0.510.3. This issue affects some unknown processing of the file /api/v1/dashboards/export. The manipulation leads to insertion of sensitive information into sent data.

The identification of this vulnerability is CVE-2024-6586. Access to the local network is required for this attack. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6586 | Lightdash 0.510.3 export insertion of sensitive information into sent data (GHSA-4h7x-6vxh-7hjf)

Post correlati

CVE-2023-51605 | Honeywell Saia PG5 Controls Suite xml external entity reference (ZDI-23-1854)

CVE-2024-2276 | Bdtask G-Prescription Gynaecology & OBS Consultation Software Edit Venue Page cross site scripting

CVE-2023-6633 | Site Notes Plugin up to 2.0.0 on WordPress Admin Note cross-site request forgery

CVE-2024-32683 | Wpmet Wp Ultimate Review Plugin up to 2.2.5 on WordPress authorization