Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/12/15 1:25 p.m.4 views

CVE-2025-14660

A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can b...

6.3CVSS6.2AI score0.00281EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/14 3:30 p.m.3 views

EUVD-2025-203298

A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can b...

6.3CVSS5.8AI score0.00281EPSS
Exploits0References9
NVD
NVD
added 2025/12/14 1:15 p.m.6 views

CVE-2025-14660

A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can b...

6.3CVSS0.00281EPSS
Exploits0References8
OSV
OSV
added 2025/12/14 12:32 p.m.5 views

CVE-2025-14660 DecoCMS Mesh Workspace Domain api.ts createTool access control

A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can b...

6.3CVSS5.2AI score0.00281EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2025/12/14 12:32 p.m.2 views

CVE-2025-14660 DecoCMS Mesh Workspace Domain api.ts createTool access control

A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can b...

6.3CVSS6AI score0.00281EPSS
Exploits0References8
CVE
CVE
added 2025/12/14 12:32 p.m.9 views

CVE-2025-14660

DecoCMS Mesh vulnerability CVE-2025-14660 affects the Workspace Domain Handler component: function createTool in packages/sdk/src/mcp/teams/api.ts allows manipulation of the domain argument, leading to improper access controls. The flaw can be exploited remotely; attack complexity is high, and th...

6.3CVSS5.3AI score0.00281EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/12/14 12:32 p.m.20 views

CVE-2025-14660 DecoCMS Mesh Workspace Domain api.ts createTool access control

A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can b...

6.3CVSS0.00281EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/12/14 12:0 a.m.6 views

PT-2025-51162

A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can b...

6.3CVSS6.2AI score0.00281EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/12/14 12:0 a.m.4 views

DecoCMS 访问控制错误漏洞

DecoCMS is a content management system from deco CMS open source. An access control error vulnerability exists in DecoCMS 1.0.0-alpha.31 and earlier versions, which stems from incorrect manipulation of the parameter domain in the file packages/sdk/src/mcp/teams/api.ts, which could lead to imprope...

6.3CVSS5.5AI score0.00281EPSS
Exploits0References8
Rows per page
Query Builder