3 matches found
Protection Mechanism Failure
Overview @grackle-ai/server is a Grackle server orchestrator — spawns and wires core gRPC, web-server HTTP, MCP, and PowerLine Affected versions of this package are vulnerable to Protection Mechanism Failure due to missing security headers in HTTP responses. An attacker can compromise the securit...
Origin Validation Error
Overview @grackle-ai/server is a Grackle server orchestrator — spawns and wires core gRPC, web-server HTTP, MCP, and PowerLine Affected versions of this package are vulnerable to Origin Validation Error via the connection handler process. An attacker can gain unauthorized access to real-time...
Cross-site Scripting (XSS)
Overview @grackle-ai/server is a Grackle server orchestrator — spawns and wires core gRPC, web-server HTTP, MCP, and PowerLine Affected versions of this package are vulnerable to Cross-site Scripting XSS via the renderPairingPage function. An attacker can inject malicious scripts into the rendere...