| Field | Value |
|---|---|
| Title | ghantakiran splunk-mcp-integration 0b86b09 Path Traversal |
| Description | Although the original generic report focused on download endpoints, the actionable issue in this repository is earlier in the export pipeline. `create_csv_export()` accepts user-controlled `job_name` and forwards it to `csv_generator.generate_csv()`. The generator constructs:<br>`file_name = f"{job_name.replace(' ', '_')}_{job_id}_{int(time.time())}.{file_extension}"`<br>`file_path = os.path.join(settings.CSV_OUTPUT_DIR, file_name)`<br>Only spaces are replaced. Forward slashes, backslashes, and traversal tokens survive unchanged, so a `job_name` like `../../../../tmp/csv_poc` causes the background worker to create and write a CSV outside the configured export directory. |
| Source | https://github.com/ghantakiran/splunk-mcp-integration/issues/49 |
| User | LargeW (UID 97302) |
| Submitted | 2026-04-14 14:38 (2 months ago) |
| Moderated | 2026-05-01 11:32 (17 days later) |
| Status | Accepted |
| VulDB Entry | 360542 [ghantakiran splunk-mcp-integration up to 0b86b09d5e5adf0433acd43c975951224613a1a6 CSV Export csv_export.py create_csv_export job_name directory traversal] |
| Points | 20 |
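The fix a maintainer would want for the construction quoted in the description is to map the user-controlled `job_name` onto a fixed character allow-list (so separators and traversal tokens cannot survive) and then, as a second line of defence, check that the joined path still resolves under the export directory. The block below is an added example written for this record; it is not code from the splunk-mcp-integration project. The allow-list regex, the function names, the `ts` parameter, and the `/var/app/exports` stand-in for `settings.CSV_OUTPUT_DIR` are assumptions.

```python
import os
import re
import time
from pathlib import Path
from typing import Optional

# Constructed stand-in for settings.CSV_OUTPUT_DIR (assumption, not the project's value).
CSV_OUTPUT_DIR = "/var/app/exports"

# Allow-list for the user-controlled part of the file name: letters, digits, dash, underscore.
# Anything else ("/", "\\", ".", NUL, ...) is rewritten, so no traversal token can survive.
_UNSAFE_CHARS = re.compile(r"[^A-Za-z0-9_-]")


def build_file_name_as_reported(job_name: str, job_id: str, file_extension: str = "csv",
                                ts: Optional[int] = None) -> str:
    """Reproduces the construction quoted in the report: only spaces are rewritten."""
    ts = int(time.time()) if ts is None else ts
    return f"{job_name.replace(' ', '_')}_{job_id}_{ts}.{file_extension}"


def build_file_name_hardened(job_name: str, job_id: str, file_extension: str = "csv",
                             ts: Optional[int] = None) -> str:
    """Same shape of name, but every component is forced onto the allow-list."""
    ts = int(time.time()) if ts is None else ts
    cleaned = _UNSAFE_CHARS.sub("_", job_name.replace(" ", "_")).strip("_")[:64] or "export"
    safe_job_id = _UNSAFE_CHARS.sub("_", str(job_id))
    if file_extension != "csv":  # the extension is server-chosen; never let the caller pick it
        raise ValueError("unsupported extension")
    return f"{cleaned}_{safe_job_id}_{ts}.{file_extension}"


def escapes_output_dir(output_dir: str, file_name: str) -> bool:
    """True when os.path.join(output_dir, file_name) resolves outside output_dir."""
    base = Path(output_dir).resolve()
    target = Path(os.path.join(output_dir, file_name)).resolve()
    return base != target and base not in target.parents


def resolve_within(output_dir: str, file_name: str) -> Path:
    """Second line of defence: join, resolve, and refuse anything that left the export directory."""
    if escapes_output_dir(output_dir, file_name):
        raise ValueError(f"export path escapes {output_dir}: {file_name}")
    return Path(os.path.join(output_dir, file_name)).resolve()


if __name__ == "__main__":
    # Constructed input matching the job_name given in the report.
    reported = build_file_name_as_reported("../../../../tmp/csv_poc", "42", ts=1700000000)
    print("as reported:", reported, "escapes:", escapes_output_dir(CSV_OUTPUT_DIR, reported))
    hardened = build_file_name_hardened("../../../../tmp/csv_poc", "42", ts=1700000000)
    print("hardened:   ", hardened, "escapes:", escapes_output_dir(CSV_OUTPUT_DIR, hardened))
```

The allow-list is the real fix; the `resolve_within` check is there so that a future caller that bypasses the sanitiser still cannot write outside `CSV_OUTPUT_DIR`. Note that `Path.resolve()` is used on both sides of the comparison so that symlinked export directories compare consistently.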