| 제목 | Algovate xhs-mcp 0.8.11 Server-Side Request Forgery |
|---|
| 설명 | A server-side request forgery (SSRF) vulnerability (CWE-918) and a path traversal vulnerability (CWE-22) have been identified in xhs-mcp version 0.8.11, specifically within the xhs_publish_content MCP tool. The SSRF issue arises when a user-supplied media_paths value begins with http:// or https://, causing the server to fetch the URL via fetch() without allowlisting or destination validation, enabling requests to internal or loopback services. The path traversal issue allows an attacker to supply a local video path containing ../ sequences that escape the project directory, leading to unintended filesystem access. An attacker with access to the MCP interface can exploit these flaws to interact with internal network endpoints and access local files outside the intended workspace. No fixed version is available at the time of reporting. |
|---|
| 원천 | ⚠️ https://github.com/Algovate/xhs-mcp/issues/6 |
|---|
| 사용자 | _Eternity_ (UID 97332) |
|---|
| 제출 | 2026. 04. 14. AM 03:14 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 04. 29. PM 04:11 (16 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 360154 [Algovate xhs-mcp 0.8.11 MCP Interface src/server/mcp.server.ts xhs_publish_content media_paths 권한 상승] |
|---|
| 포인트들 | 20 |
|---|