DecoCMS Mesh Privilege Escalation Vulnerability in Workspace Domain Handler

Vulnerability

A privilege escalation vulnerability has been identified in DecoCMS Mesh versions prior to 1.0.0-alpha.32. The issue resides in the Workspace Domain Handler, specifically in the createTool function of packages/sdk/src/mcp/teams/api.ts. The workspace auto-join logic validates the request against the domain supplied by the caller instead of checking that the caller's own email address belongs to that domain, so any user who names a domain that a workspace accepts for auto-join is admitted to that workspace. The flaw can be exploited remotely; exploitation is rated as difficult, but a public proof-of-concept is available.

Impact

Exploitation of this vulnerability allows a user who is not entitled to a workspace to join it by naming a domain the workspace accepts for auto-join, bypassing the intended membership controls.

Reproduction

The vulnerability can be reproduced through the auto-join feature: submit an auto-join request that names a domain accepted by the target workspace, from an account whose email address is not in that domain. No further authentication or authorization check is applied, and the account is added to the workspace.
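The following is an added illustration of the bug class described in the Vulnerability and Reproduction sections above. It is not DecoCMS Mesh code and does not reproduce the real createTool handler; the types, function names (autoJoinVulnerable, autoJoinHardened, emailDomain) and the sample users and workspace are all hypothetical and constructed for the demo. The vulnerable variant trusts the domain field in the request; the hardened variant ignores client input and derives the domain from the caller's verified email address.

```typescript
// Added example, not project code. All names and data below are hypothetical.

interface User {
  id: string;
  email: string;          // address the identity provider attested for this login
  emailVerified: boolean; // true only when the provider has verified the address
}

interface Workspace {
  id: string;
  autoJoinDomains: string[]; // domains whose members may join without an invite
  members: Set<string>;      // user ids
}

interface AutoJoinRequest {
  workspaceId: string;
  domain: string; // client-controlled; the vulnerable handler trusts this
}

// Constructed sample workspace: example.com staff may auto-join.
export function makeWorkspace(): Workspace {
  return { id: "ws-1", autoJoinDomains: ["example.com"], members: new Set() };
}

// VULNERABLE: membership is granted based on whatever domain the request names.
// The caller's actual email domain is never consulted.
export function autoJoinVulnerable(ws: Workspace, user: User, req: AutoJoinRequest): boolean {
  const claimed = req.domain.toLowerCase();
  if (!ws.autoJoinDomains.includes(claimed)) return false;
  ws.members.add(user.id);
  return true;
}

// Extract the domain from an email address, or null if it is not usable.
// The part after the LAST '@' is taken, so "a@example.com@evil.test" yields
// "evil.test" rather than letting an attacker smuggle a trusted domain in front.
export function emailDomain(email: string): string | null {
  const at = email.lastIndexOf("@");
  if (at <= 0 || at === email.length - 1) return null;
  const domain = email.slice(at + 1).trim().toLowerCase();
  // Illustrative shape check: labels of [a-z0-9-], at least one dot.
  // Single-label hosts such as "localhost" are deliberately rejected here.
  if (!/^[a-z0-9-]+(\.[a-z0-9-]+)*\.[a-z]{2,}$/.test(domain)) return null;
  return domain;
}

// HARDENED: the request carries no domain at all. The domain comes from the
// authenticated user's verified email, and unverified addresses are refused.
export function autoJoinHardened(ws: Workspace, user: User): boolean {
  if (!user.emailVerified) return false;
  const domain = emailDomain(user.email);
  if (domain === null) return false;
  const allowed = ws.autoJoinDomains.map((d) => d.toLowerCase());
  if (!allowed.includes(domain)) return false;
  ws.members.add(user.id);
  return true;
}

// Demo: an outsider claiming "example.com" gets in through the vulnerable path
// but not the hardened one; a genuine example.com user gets in through both.
export function demo(): { outsiderVuln: boolean; outsiderHard: boolean; insiderHard: boolean } {
  const outsider: User = { id: "u-mallory", email: "mallory@evil.test", emailVerified: true };
  const insider: User = { id: "u-alice", email: "alice@Example.com", emailVerified: true };
  const wsA = makeWorkspace();
  const wsB = makeWorkspace();
  return {
    outsiderVuln: autoJoinVulnerable(wsA, outsider, { workspaceId: wsA.id, domain: "example.com" }),
    outsiderHard: autoJoinHardened(wsB, outsider),
    insiderHard: autoJoinHardened(wsB, insider),
  };
}
```

The point of the hardened variant is that the request type has no domain field to trust: the only input to the membership decision is an attribute the identity provider attested, and the check fails closed when that attribute is unverified or malformed.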

Remediation

Users are advised to upgrade to DecoCMS Mesh version 1.0.0-alpha.32 or later, which addresses this vulnerability. After upgrading, confirm the fix by repeating the steps above from an account whose email address is outside the configured domain; the join request should be refused.

Added: Dec 14, 2025, 1:17 PM
Updated: Dec 14, 2025, 1:17 PM

Vulnerability Rating

Custom Algorithm

  spread          0.0
  impact          0.6
  exploitability  8.7
  remediation     7.7
  relevance       1.5
  threat          6.4
  urgency         2.9
  incentive       5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.