NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-6585

Summary	Multiple stored cross-site scripting (“XSS”) vulnerabilities in the markdown dashboard and dashboard comment functionality of Lightdash version 0.1024.6 allows remote authenticated threat actors to inject malicious scripts into vulnerable web pages. A threat actor could potentially exploit this vulnerability to store malicious JavaScript which executes in the context of a user’s session with the application.
Publication Date	Aug. 31, 2024, 8:15 a.m.
Registration Date	Aug. 31, 2024, noon
Last Update	Sept. 4, 2024, 12:35 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/google/security-research/security/advisories/GHSA-6529-6jv3-66q2
2	https://www.cve.org/CVERecord?id=CVE-2024-6585
3	https://github.com/lightdash/lightdash
4	https://github.com/lightdash/lightdash/releases/tag/0.1042.2
5	https://patch-diff.githubusercontent.com/raw/lightdash/lightdash/pull/9510.patch
6	https://patch-diff.githubusercontent.com/raw/lightdash/lightdash/pull/9359.patch
7	https://github.com/lightdash/lightdash/pull/9510
8	https://github.com/lightdash/lightdash/pull/9359

Common Vulnerabilities List