{"data":{"id":"cb55dfbc-9a1c-4fab-9e92-e7d6a1839752","title":"GHSA-g5r6-gv6m-f5jv: mcp-atlassian: Arbitrary file read via missing path validation in confluence_upload_attachment","summary":"The mcp-atlassian tool's `confluence_upload_attachment` function has a critical vulnerability where it reads files from any path without validation, allowing authenticated users or AI agents tricked via prompt injection (hidden malicious instructions in text input) to steal sensitive files like SSH keys and environment variables containing API credentials. Attackers can exploit this by manipulating an AI agent to upload protected files to Confluence, or by directly calling the vulnerable function if they have MCP (model context protocol, a tool-calling interface) access.","solution":"Add `validate_safe_path(file_path)` before the `open(file_path, \"rb\")` call in the `_upload_attachment_direct()` function in `src/mcp_atlassian/confluence/attachments.py`. This validation function already exists and is used correctly in the `download_attachment()` function in the same file.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-g5r6-gv6m-f5jv","publishedAt":"2026-07-10T19:34:37.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["prompt_injection","data_extraction"],"issueType":"vulnerability","affectedPackages":["mcp-atlassian@< 0.22.0 (fixed: 0.22.0)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["mcp-atlassian","Confluence","Atlassian","Jira","qwen2.5","Open WebUI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":true,"disclosureDate":"2026-07-10T19:34:37.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}