# path-traversal
8 articles tagged "path-traversal"
MCP Path Traversal: Preventing File System Escapes in MCP Servers
A defense-focused guide to preventing path traversal vulnerabilities in MCP file operations -- 82% of implementations use file operations prone to traversal -- with working filesystem sandboxing, path validation, chroot jails, and detection rules.
File System Agent Risks
Security risks of AI agents with file system access, including path traversal exploitation, symlink attacks, file content injection, data exfiltration through file operations, and privilege escalation via file system manipulation.
CWE Mapping for AI-Generated Vulnerabilities
Common AI-generated vulnerabilities mapped to CWE identifiers with real examples: SQL injection (CWE-89), XSS (CWE-79), path traversal (CWE-22), command injection (CWE-78), and hardcoded credentials (CWE-798).
Output Handling Exploits
Deep dive into XSS, SQL injection, command injection, SSTI, and path traversal attacks that weaponize LLM output as an injection vector against downstream systems.
MCP Path Traversal: Preventing File System Escapes in MCP Servers
A defense-focused guide to preventing path traversal vulnerabilities in MCP file operations -- 82% of implementations use file operations prone to traversal -- with working filesystem sandboxing, path validation, chroot jails, and detection rules.
File System Agent Risks
Security risks of AI agents with file system access, including path traversal exploitation, symlink attacks, file content injection, data exfiltration through file operations, and privilege escalation via file system manipulation.
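CWE Mapping for AI-Generated Vulnerabilities
Common AI-generated vulnerabilities mapped to CWE identifiers, with real examples: SQL injection (CWE-89), XSS (CWE-79), path traversal (CWE-22), command injection (CWE-78), and hardcoded credentials (CWE-798).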
Output Handling Exploits
Deep dive into XSS, SQL injection, command injection, SSTI, and path traversal attacks that weaponize LLM output as an injection vector against downstream systems.