A vulnerability was found in douinc mkdocs-mcp-plugin up to 0.4.1. This affects the function read_document/list_documents of the file server.py. Performing a ma…

A path traversal vulnerability was discovered in douinc mkdocs-mcp-plugin up to version 0.4.1. The vulnerability affects the read_document and list_documents functions in server.py, allowing attackers to manipulate the docs_dir/file_path arguments to perform directory traversal attacks. The vulnerability can be exploited remotely and a public exploit is available. The vendor has acknowledged the issue and confirmed that a fix will be published within a few days.