Fix security issue (#11965)

### What problem does this PR solve?

- CVE-2024-6866
- CVE-2024-6844
- CVE-2024-6839

### Type of change

- [x] Bug Fix (non-breaking change which fixes an issue)

Signed-off-by: Jin Hai <haijin.chn@gmail.com>

pyproject.toml

@@ -34,7 +34,7 @@ dependencies = [
     "extract-msg>=0.39.0",
     "ffmpeg-python>=0.2.0",
     "flasgger>=0.9.7.1,<0.10.0",
-    "flask-cors==5.0.0",
+    "flask-cors==6.0.2",
     "flask-login==0.6.3",
     "flask-mail>=0.10.0",
     "flask-session==0.8.0",
@@ -55,7 +55,7 @@ dependencies = [
     "markdown==3.6",
     "markdown-to-json==2.1.1",
     "markdownify>=1.2.0",
-    "mcp>=1.9.4",
+    "mcp>=1.19.0",
     "mini-racer>=0.12.4,<0.13.0",
     "minio==7.2.4",
     "mistralai==0.4.2",