2 matches found
EUVD-2026-44515
A weakness has been identified in mastergo-design mastergo-magic-mcp up to 0.2.0. Impacted is the function z.string of the file src/tools/get-component-link.ts of the component mcpgetComponentLink. Executing a manipulation of the argument url can lead to server-side request forgery. The attack ma...
CVE-2026-15750
CVE-2026-15750 affects the project: mastergo-design / mastergo-magic-mcp, specifically the mcp__getComponentLink component. The vulnerable element is the function z.string in the file src/tools/get-component-link.ts . The issue arises from manipulating the argument url , enabling a server‑side re...