जमा करें #807746: Axle-Bucamp MCP-Docusaurus 404bc028e15ec304c9a045528560f4b5f27a17e0 Path Traversalजानकारी

शीर्षक	Axle-Bucamp MCP-Docusaurus 404bc028e15ec304c9a045528560f4b5f27a17e0 Path Traversal
विवरण	The project applies canonical path boundary checks in create_document, but not in update_document, continue_document, delete_document, and get_content. In those functions, attacker-controlled path is directly joined with DOCS_DIR and then used for file read/write/delete operations. Traversal payloads (for example ../) can cause access outside intended documentation root. This enables unauthorized file read, modification, and deletion within process permissions.
स्रोत	⚠️ https://github.com/Axle-Bucamp/MCP-Docusaurus/issues/2
उपयोगकर्ता	CPT_Penner (UID 97246)
सबमिशन	18/04/2026 08:20 PM (2 महीनों पहले)
संयम	04/05/2026 06:47 PM (16 days later)
स्थिति	स्वीकृत
VulDB प्रविष्टि	360994 [Axle-Bucamp MCP-Docusaurus तक 404bc028e15ec304c9a045528560f4b5f27a17e0 app/routes/document.py DOCS_DIR/path निर्देशिका ट्रैवर्सल]
अंक	20

Do you know our Splunk app?

Download it now for free!