Security Vulnerability Report
Severity: Medium
Vulnerability Type: Path Traversal
Affected Files and Lines
src/commands/blog.ts - Lines 514-525
Code Snippet
import { existsSync, mkdirSync } from 'fs';

// Choose the output directory: CLI flag first, then config, then a detected or default content dir.
let outputDir: string;
if (options.output) {
  outputDir = options.output;            // user-controlled, used as-is
} else if (config.blog?.outputDir) {
  outputDir = config.blog.outputDir;     // also taken as-is from the config file
} else {
  // Try to find existing content directory, or use framework default
  const existingDir = findExistingContentDir(cwd, framework);
  outputDir = existingDir || frameworkConfig.draftsDir;
}
// Creates the whole directory tree wherever outputDir points; no containment check
if (!existsSync(outputDir)) {
  mkdirSync(outputDir, { recursive: true });
}
Description
The --output CLI argument, and the config.blog.outputDir value that takes its place when --output is absent, are handed to mkdirSync({ recursive: true }) without any check that the resulting directory lies inside the project. A relative value such as ../../../ or an absolute path outside the project is used exactly as given, so the command creates directories, and then writes its draft files, wherever the process has write permission rather than under the intended project directory.
Impact
- Directories and draft files can be created outside the intended project directory, anywhere the process can write
- If the CLI runs with elevated privileges, draft files written to the chosen path could clobber existing files in system locations
- Generated content lands in unexpected locations and may go unnoticed, since the CLI gives no indication that the path escaped the project
Recommended Fix
Resolve the user-supplied path against cwd and require the result to be cwd itself or a descendant of it. Note that a bare startsWith(root) comparison is not enough: it also accepts sibling directories whose name merely begins with the project name (for example <cwd>-backup), so compare against root followed by the path separator. Apply the same check to config.blog.outputDir, which flows into mkdirSync by the same route.
import { resolve, sep } from 'path';

if (options.output) {
  const root = resolve(cwd);
  const resolved = resolve(root, options.output);
  // Ensure the resolved path is cwd itself or a descendant of cwd.
  // Comparing against root + sep rejects siblings such as <cwd>-backup,
  // which a plain startsWith(root) check would accept.
  if (resolved !== root && !resolved.startsWith(root + sep)) {
    throw new Error(`Invalid output directory: path traversal detected`);
  }
  outputDir = resolved;
}
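The containment check exercised against constructed inputs, as an added example that is not code from the report or from the project. It assumes a hypothetical project root of /srv/app and a hypothetical helper isInsideRoot; the sample --output values are constructed, and the example goes slightly beyond the report by using path.relative so the same logic also handles absolute input and, on Windows, a different drive letter. The naive prefix comparison is included beside it to show the sibling-directory case it gets wrong.

```typescript
import { resolve, relative, isAbsolute, sep } from 'node:path';

// Hypothetical helper, not part of the project: decide whether a user-supplied
// output directory stays inside the project root after path resolution.
// resolve() collapses "." and ".." segments and roots relative input at `root`;
// absolute input is returned unchanged, so an absolute --output must be checked
// too, not only values containing "../".
function isInsideRoot(cwd: string, requested: string): boolean {
  const root = resolve(cwd);
  const candidate = resolve(root, requested);
  const rel = relative(root, candidate);
  // relative() yields "" for the root itself, ".." or "../x" for an escape,
  // and an absolute path when the candidate sits on another Windows drive.
  if (rel === '') return true;
  if (isAbsolute(rel)) return false;
  return rel !== '..' && !rel.startsWith(`..${sep}`);
}

// The bare prefix comparison: accepts any path whose string merely begins
// with the root, including siblings such as /srv/app-backup.
function naivePrefixCheck(cwd: string, requested: string): boolean {
  const root = resolve(cwd);
  return resolve(root, requested).startsWith(root);
}

// What the CLI should do before calling mkdirSync: resolve or throw.
function resolveOutputDir(cwd: string, requested: string): string {
  if (!isInsideRoot(cwd, requested)) {
    throw new Error(`Invalid output directory: ${requested} resolves outside ${resolve(cwd)}`);
  }
  return resolve(cwd, requested);
}

// Constructed inputs: a hypothetical project at /srv/app and --output values a user might pass.
const SAMPLE_ROOT = '/srv/app';
const SAMPLE_INPUTS: ReadonlyArray<[string, boolean]> = [
  ['content/posts', true],       // ordinary relative path
  ['.', true],                   // the project root itself
  ['./content/../drafts', true], // ".." that stays inside the project
  ['../../../etc', false],       // classic traversal
  ['/tmp/out', false],           // absolute path with no ".." at all
  ['../app-backup', false],      // sibling: passes naivePrefixCheck, must be rejected
];

// Evaluate every sample with both checks so the difference is visible side by side.
function runSamples(): Array<{ input: string; expected: boolean; strict: boolean; naive: boolean }> {
  return SAMPLE_INPUTS.map(([input, expected]) => ({
    input,
    expected,
    strict: isInsideRoot(SAMPLE_ROOT, input),
    naive: naivePrefixCheck(SAMPLE_ROOT, input),
  }));
}

for (const row of runSamples()) {
  console.log(`${row.input.padEnd(22)} strict=${row.strict} naive=${row.naive} expected=${row.expected}`);
}
```

One caveat the resolve-based check does not cover: resolve() works on strings only and does not follow symlinks, so a symlink already present under the project root can still point elsewhere. If that matters for the deployment, run fs.realpathSync on the nearest existing ancestor of the candidate and repeat the containment check on the real path before calling mkdirSync.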
References