30 matches found
CVE-2023-35844
packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...
CVE-2023-35844
packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...
CVE-2023-35844
packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...
Directory traversal
packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...
Lightdash 路径遍历漏洞
Lightdash is visual data analysis tool. A security vulnerability exists in Lightdash versions prior to 0.510.3. An attacker can exploit the vulnerability to access files and directories stored outside of the web root folder...
CVE-2023-35844
packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...
CVE-2023-35844
packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...
CVE-2023-35844
Lightdash
PT-2023-6481 · Lightdash · Lightdash
Name of the Vulnerable Software and Affected Versions: Lightdash versions prior to 0.510.3 Description: The issue is related to incorrect restriction of a directory path name with limited access. This can allow a remote attacker to gain unauthorized access to protected information. The...
Path Traversal at Slack Image Endpoint
Summary Lightdash version \ Required. 1. Install the Lightdash server & database. \ 2. Connect Lightdash to a dbt project and add some metrics. 3. Create and share insights with your team. 4. Craft...