The Cline Hub dashboard server launched by the cline dashboard command accepts WebSocket connections on the /browser endpoint without validating the Origin header. When ROOM_SECRET is unset for local 127.0.0.1 binds, isAuthorizedBrowserRequest() allows attacker-controlled websites to send desktopCommand frames that read workspace state, mutate MCP and provider settings, and trigger command execution when [truncated]
A critical cross-origin WebSocket hijack vulnerability affects Cline, an autonomous coding agent distributed as an SDK, IDE extension, and CLI assistant. The flaw exists in Cline's Kanban server functionality in versions 2.13.0 and prior. The vulnerability allows network-based attackers to compromise WebSocket connections without authentication, with the attack complexity rated low and requiring user inte [truncated]