| शीर्षक | elinsky execution-system-mcp 0.1.0 Path Traversal |
|---|
| विवरण | `execution-system-mcp` is designed to operate on a trusted execution-system repository whose root is configured via `execution_system_repo_path`. The reviewed code intends to restrict action operations to:
- `docs/execution_system/00k-next-actions/contexts/*.md`
- special state files such as `@waiting.md`
That restriction is incomplete. The `add_action` tool accepts a free-form `context` string and `_get_context_file_path()` appends it directly into `contexts_dir / f"{context}.md"`. The `complete_action` tool accepts `file_path` and only checks that it starts with `@` or `contexts/` before appending it to the base directory. Payloads such as `../../../../../../tmp/poc` or `contexts/../../../../../../tmp/poc.md` therefore escape the intended action-list directory and reach existing markdown files outside the configured repository subtree. |
|---|
| स्रोत | ⚠️ https://github.com/elinsky/execution-system-mcp/issues/1 |
|---|
| उपयोगकर्ता | LittleW (UID 97283) |
|---|
| सबमिशन | 12/04/2026 12:18 PM (2 महीनों पहले) |
|---|
| संयम | 28/04/2026 03:42 PM (16 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 359972 [elinsky execution-system-mcp 0.1.0 add_action Tool server.py _get_context_file_path context निर्देशिका ट्रैवर्सल] |
|---|
| अंक | 20 |
|---|