| عنوان | huangjunsen0406 xiaozhi-mcphub 1.0.3 Path Traversal |
|---|
| الوصف | A path traversal vulnerability (CWE-22) exists in huangjunsen0406/xiaozhi-mcphub 1.0.3. The DXT upload handler in src/controllers/dxtController.ts extracts .dxt archives and uses the name field from the untrusted manifest.json file to construct the extraction path using path.join. Because this value is not sanitized, an authenticated attacker can use traversal sequences (e.g., ../../) to extract files to arbitrary locations outside the intended directory. |
|---|
| المصدر | ⚠️ https://github.com/huangjunsen0406/xiaozhi-mcphub/issues/29 |
|---|
| المستخدم | ccccccctfi (UID 97498) |
|---|
| ارسال | 20/04/2026 05:38 PM (2 أشهر منذ) |
|---|
| الاعتدال | 07/05/2026 06:40 PM (17 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 361904 [huangjunsen0406 xiaozhi-mcphub حتى 1.0.3 dxtController.ts manifest.name اجتياز الدليل] |
|---|
| النقاط | 20 |
|---|