DecoCMS 访问控制错误漏洞

DecoCMS is a content management system from deco CMS open source. An access control error vulnerability exists in DecoCMS 1.0.0-alpha.31 and earlier versions, which stems from incorrect manipulation of the parameter domain in the file packages/sdk/src/mcp/teams/api.ts, which could lead to imprope...

PT-2025-51162

A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can b...