| Title | Algovate xhs-mcp 0.8.11 Server-Side Request Forgery |
|---|---|
| Description | A server-side request forgery (SSRF) vulnerability (CWE-918) and a path traversal vulnerability (CWE-22) have been identified in xhs-mcp version 0.8.11, specifically within the xhs_publish_content MCP tool. The SSRF issue arises when a user-supplied media_paths value begins with http:// or https://, causing the server to fetch the URL via fetch() without allowlisting or destination validation, enabling requests to internal or loopback services. The path traversal issue allows an attacker to supply a local video path containing ../ sequences that escape the project directory, leading to unintended filesystem access. An attacker with access to the MCP interface can exploit these flaws to interact with internal network endpoints and access local files outside the intended workspace. No fixed version is available at the time of reporting. |
| Source | https://github.com/Algovate/xhs-mcp/issues/6 |
| User | _Eternity_ (UID 97332) |
| Submission | 14/04/2026 03:14 AM (2 months ago) |
| Moderation | 29/04/2026 04:11 PM (16 days later) |
| Status | Approved |
| VulDB Entry | 360154 [Algovate xhs-mcp 0.8.11 MCP Interface src/server/mcp.server.ts xhs_publish_content media_paths Privilege Escalation] |
| Points | 20 |
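As an added example (not xhs-mcp's own code), the kind of media_paths check the description implies is missing: a remote reference is accepted only as https to an allowlisted host rather than handed to fetch() as-is, and a local path must resolve inside the project directory so ../ sequences cannot leave it. PROJECT_ROOT, ALLOWED_MEDIA_HOSTS and validateMediaPath are hypothetical names with constructed values; POSIX paths are assumed.

```typescript
// Added example, not xhs-mcp's own code. PROJECT_ROOT and ALLOWED_MEDIA_HOSTS are
// hypothetical operator settings with constructed values; POSIX paths are assumed.
type MediaCheck =
  | { kind: "remote"; url: string }
  | { kind: "local"; path: string }
  | { kind: "rejected"; reason: string };

const PROJECT_ROOT = "/srv/xhs-mcp/workspace";            // constructed
const ALLOWED_MEDIA_HOSTS = new Set(["cdn.example.com"]); // constructed

// Collapse "." and ".." segments lexically, without touching the filesystem.
function normalizePosix(p: string): string {
  const out: string[] = [];
  for (const seg of p.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") { out.pop(); continue; }
    out.push(seg);
  }
  return "/" + out.join("/");
}

export function validateMediaPath(input: string): MediaCheck {
  if (input.includes("\0")) return { kind: "rejected", reason: "NUL byte in path" };

  // Remote reference: instead of fetch()-ing any http(s) URL, accept only https
  // to an allowlisted host. The connect layer must still refuse loopback and
  // private addresses after DNS resolution, since the name can point anywhere.
  const m = /^([a-z][a-z0-9+.-]*):\/\/([^\/?#@]*@)?([^\/?#:]+)/i.exec(input);
  if (m) {
    const scheme = m[1].toLowerCase();
    const host = m[3].toLowerCase();
    if (m[2]) return { kind: "rejected", reason: "userinfo in URL" };
    if (scheme !== "https") return { kind: "rejected", reason: `scheme ${scheme} not allowed` };
    if (!ALLOWED_MEDIA_HOSTS.has(host)) return { kind: "rejected", reason: `host ${host} not allowlisted` };
    return { kind: "remote", url: input };
  }

  // Local file: resolve against PROJECT_ROOT and require the result to stay inside it,
  // so "../" sequences cannot escape the workspace. Callers should realpath() the
  // file and re-check before opening it, to cover symlinks.
  const joined = input.startsWith("/") ? input : `${PROJECT_ROOT}/${input}`;
  const resolved = normalizePosix(joined);
  if (!resolved.startsWith(PROJECT_ROOT + "/")) {
    return { kind: "rejected", reason: "path escapes project directory" };
  }
  return { kind: "local", path: resolved };
}
```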