Lucene search
K

5 matches found

NVD
NVD
added 2026/04/29 10:16 p.m.14 views

CVE-2026-7417

A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhspublishcontent of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument mediapaths results in server-side request forgery. The attack may be initiated remotely...

7.5CVSS0.00361EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/29 9:45 p.m.5 views

CVE-2026-7417 Algovate xhs-mcp MCP mcp.server.ts xhs_publish_content server-side request forgery

A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhspublishcontent of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument mediapaths results in server-side request forgery. The attack may be initiated remotely...

7.5CVSS7AI score0.00361EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/29 9:45 p.m.10 views

EUVD-2026-26294

A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhspublishcontent of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument mediapaths results in server-side request forgery. The attack may be initiated remotely...

7.5CVSS7.1AI score0.00361EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.8 views

xhs-mcp 代码问题漏洞

xhs-mcp is an open-source tool developed by Algovate for automated publication and content management of REDnote. Version xhs-mcp 0.8.11 contains a code vulnerability. This vulnerability arises from the mediapaths parameter operation in the xhspublishcontent function within the...

7.5CVSS7.2AI score0.00361EPSS
Exploits0References1
OSV
OSV
added 2025/05/28 5:46 p.m.6 views

DRUPAL-CONTRIB-2025-076

The COOKIES module protects users from executing JavaScript code provided by third parties, e.g., to display ads or track user data without consent. Each sub-module allows to include a specific third party service in the consent management, by controlling the execution of javascript. However, thi...

8.6CVSS6.8AI score0.00278EPSS
Exploits0References1
Rows per page
Query Builder