Tag
The auth-fetch-mcp package is vulnerable to server-side request forgery (SSRF) and disk exfiltration due to unvalidated URLs in the `download_media` and `auth_fetch` tools, allowing an attacker to fetch internal resources, cloud metadata, or loopback addresses, potentially leading to credential theft, internal service enumeration, and sensitive information disclosure.