| Lightdash version less or equal to 506.4 is vulnerable to a path traversal attack, allowing an attacker to access arbitrary files on the server. This vulnerability can be exploited by appending directory traversal sequences to the image ID parameter of the Slack image endpoint, enabling the attacker to bypass access controls and read sensitive files on the server. |
