From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability ID: CVE-2024-6585 2. Release Date: 2024-08-30 3. Update Date: 2024-08-30 4. Description: Multiple stored cross-site scripting (XSS) vulnerabilities exist in the markdown dashboard and dashboard comment features of Lightdash version 0.1024.6. These vulnerabilities allow remote authenticated threat actors to inject malicious scripts into user sessions. 5. CWE ID: CWE-79, "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)" 6. Affected Version Range: From versions prior to 0.1024.6 up to 0.1042.2 7. Reporter: Kenneth Chiong, Mandiant 8. Reference Links: - GitHub Security Research: https://github.com/google/security-research/security/advisories/ghsa-6529-6jv3-66q2 - CVE Record: https://www.cve.org/CVERecord?id=CVE-2024-6585 - Lightdash GitHub Repository: https://github.com/lightdash/lightdash - Lightdash Version Update: https://github.com/lightdash/lightdash/releases/tag/0.1042.2 - Lightdash Patch: https://patch-diff.githubusercontent.com/raw/lightdash/lightdash/pull/9510.patch - Lightdash Patch: https://patch-diff.githubusercontent.com/raw/lightdash/lightdash/pull/9359.patch - Lightdash Patch: https://github.com/lightdash/lightdash/pull/9510 - Lightdash Patch: https://github.com/lightdash/lightdash/pull/9359 This information helps users understand the vulnerability details, the affected scope, and how to remediate or avoid the vulnerability.