Tag
An authentication bypass vulnerability in `meta-ads-mcp` version 1.0.113 allows unauthenticated network callers to gain unauthorized access by sending an arbitrary value in the `X-Pipeboard-Token` HTTP header, leading to the reuse of the server operator's `META_ACCESS_TOKEN` for full read and write access to Meta Ads data.