GHSA-78H3-63C4-5FQC WeKnora has Command Injection in MCP stdio test
Vulnerability Description --- Vulnerability Overview This issue is a command injection vulnerability CWE-78 that allows authenticated users to inject stdioconfig.command/args into MCP stdio settings, causing the server to execute subprocesses using these injected values. The root causes are as...