| Название | Algovate xhs-mcp 0.8.11 Server-Side Request Forgery |
|---|
| Описание | A server-side request forgery (SSRF) vulnerability (CWE-918) and a path traversal vulnerability (CWE-22) have been identified in xhs-mcp version 0.8.11, specifically within the xhs_publish_content MCP tool. The SSRF issue arises when a user-supplied media_paths value begins with http:// or https://, causing the server to fetch the URL via fetch() without allowlisting or destination validation, enabling requests to internal or loopback services. The path traversal issue allows an attacker to supply a local video path containing ../ sequences that escape the project directory, leading to unintended filesystem access. An attacker with access to the MCP interface can exploit these flaws to interact with internal network endpoints and access local files outside the intended workspace. No fixed version is available at the time of reporting. |
|---|
| Источник | ⚠️ https://github.com/Algovate/xhs-mcp/issues/6 |
|---|
| Пользователь | _Eternity_ (UID 97332) |
|---|
| Представление | 14.04.2026 03:14 (2 месяцы назад) |
|---|
| Модерация | 29.04.2026 16:11 (16 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 360154 [Algovate xhs-mcp 0.8.11 MCP Interface src/server/mcp.server.ts xhs_publish_content media_paths эскалация привилегий] |
|---|
| Баллы | 20 |
|---|