Lightdash · Lightdash · CVE-2024-6586
**Name of the Vulnerable Software and Affected Versions**
Lightdash version 0.1024.6
**Description**
The vulnerability allows users with the necessary permissions, such as Administrator or Editor, to create and share dashboards that trigger an SSRF request when exported via a POST request to "/api/v1/dashboards//export". The forged request carries the exporting user’s session token, so a threat actor can obtain the session token of any user who exports the dashboard and act as that user in the application, resulting in session takeover.
**Recommendations**
For Lightdash version 0.1024.6, update to version 0.1027.2 to protect the system. As a temporary workaround, consider restricting access to the "/api/v1/dashboards//export" endpoint until the update is applied. Additionally, users should be cautious when exporting dashboards that contain HTML elements that point to external sources.
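The last recommendation, reviewing dashboard HTML for references to external sources before exporting, can be made mechanical. The following is an added example and is not Lightdash's own code: it walks the HTML of a dashboard's tiles and flags every attribute or inline style that would make an exporter fetch something from an origin outside an allowlist. The allowlisted host name, the sample tiles, and the assumption that the exporter honours the listed attributes are all constructed for the example.

```python
"""Pre-export review of dashboard HTML tiles (added example, not Lightdash code).

Flags HTML attributes and inline CSS that point at origins outside an
allowlist, so an operator can inspect a dashboard before exporting it.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Attributes that cause a fetch when the HTML is rendered by an exporter
# (assumed set; extend it for the rendering engine actually in use).
FETCHING_ATTRS = {"src", "href", "data", "poster", "srcset", "action"}
CSS_URL_RE = re.compile(r"""url\(\s*['"]?([^'")]+)""")


class ExternalRefFinder(HTMLParser):
    """Collects (tag, attribute, url) triples that leave the allowed hosts."""

    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed_hosts = {h.lower() for h in allowed_hosts}
        self.findings = []

    def _check(self, tag, attr, value):
        parsed = urlparse(value.strip())
        # Relative paths and fragments stay on the application's own origin.
        if not parsed.scheme and not parsed.netloc:
            return
        host = (parsed.hostname or "").lower()
        # Only http(s) to an allowlisted host is accepted; protocol-relative
        # URLs ("//host/x"), javascript:, data: and unknown hosts are flagged.
        if parsed.scheme in ("http", "https") and host in self.allowed_hosts:
            return
        self.findings.append((tag, attr, value))

    def handle_starttag(self, tag, attrs):
        for attr, value in attrs:
            if value is None:
                continue
            if attr in FETCHING_ATTRS:
                if attr == "srcset":
                    # srcset holds several candidates: "url 1x, url 2x"
                    candidates = [c.strip().split()[0]
                                  for c in value.split(",") if c.strip()]
                else:
                    candidates = [value]
                for candidate in candidates:
                    self._check(tag, attr, candidate)
            elif attr == "style":
                for url in CSS_URL_RE.findall(value):
                    self._check(tag, "style", url)


def find_external_refs(html, allowed_hosts=("lightdash.example.internal",)):
    """Return every external reference found in the tile HTML, in document order."""
    finder = ExternalRefFinder(allowed_hosts)
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample tiles: two internal references and three external ones.
SAMPLE_TILES = """
<div><img src="/assets/logo.png" alt="internal"></div>
<div><img src="https://lightdash.example.internal/reports/chart.png"></div>
<div style="background:url('https://cdn.example.net/bg.png')">text</div>
<div><a href="//tracker.example.org/pixel">link</a></div>
<div><img srcset="/a.png 1x, https://images.example.com/a@2x.png 2x"></div>
"""

if __name__ == "__main__":
    for tag, attr, url in find_external_refs(SAMPLE_TILES):
        print(f"external reference in <{tag} {attr}>: {url}")
```

Run against the constructed tiles, the check reports the inline `background:url(...)`, the protocol-relative anchor and the second `srcset` candidate, while the relative path and the allowlisted host pass. Anything flagged is worth a look before the dashboard is exported; the allowlist should hold only the hosts the deployment itself serves content from.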