A path traversal vulnerability has been discovered in Axle-Bucamp MCP-Docusaurus affecting multiple document functions in app/routes/document.py. The vulnerability allows remote attackers to manipulate the DOCS_DIR/path argument to perform path traversal attacks. The exploit has been publicly released and can be used for attacks. The affected functions include update_document, continue_document, delete_document, and get_content. The project uses a rolling release model making specific version information unavailable. The maintainers have been notified through an issue report but have not responded yet.