MCP Inspector Cross-Site Scripting Vulnerability Allowing Command Execution

Vulnerability

A cross-site scripting (XSS) vulnerability has been identified in the MCP Inspector local development tool, affecting versions prior to 0.16.6. The issue arises when a user connects to an untrusted remote MCP server that supplies a malicious redirect URI. Script injected this way can interact with the inspector proxy, potentially leading to arbitrary command execution.

Impact

Exploitation of this vulnerability allows for cross-site scripting, with the possibility of executing arbitrary commands through the MCP Inspector proxy.

Reproduction

To reproduce this vulnerability, connect to an untrusted remote MCP server using a version of MCP Inspector prior to 0.16.6. The server must supply a malicious redirect URI that injects JavaScript into the inspector. Once connected, the injected script executes, demonstrating the cross-site scripting vulnerability.
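As an added defensive example (not MCP Inspector's own code, and not taken from this advisory), the following shows the kind of check a client should apply to a redirect URI received from a remote server before rendering or following it: a scheme and origin allow-list, rejection of embedded credentials, and HTML escaping of the value before it reaches the DOM. The origin "http://localhost:6274", the function names and the sample URIs are assumptions made for illustration.

```javascript
// Added example, not from the advisory or the MCP Inspector project.
// Validates a server-supplied redirect URI before it is rendered or followed.
// Assumption: the client knows the origin(s) it is willing to redirect back to.

function isSafeRedirectUri(candidate, allowedOrigins) {
  let url;
  try {
    url = new URL(candidate); // relative paths and garbage strings throw here
  } catch {
    return false;
  }
  // Scheme allow-list: rejects javascript:, data:, vbscript: and similar.
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return false;
  // Embedded credentials (user:pass@host) are a common spoofing trick.
  if (url.username || url.password) return false;
  // Origin allow-list: the redirect must land on an origin we expect.
  return allowedOrigins.includes(url.origin);
}

// Escape the five characters that matter when inserting text into HTML.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[c]));
}

// Build the markup for showing the redirect target to the user. The value is
// always escaped; it only becomes a clickable href after it passed validation.
function renderRedirectLink(candidate, allowedOrigins) {
  const text = escapeHtml(candidate);
  if (!isSafeRedirectUri(candidate, allowedOrigins)) {
    return `<span class="rejected">${text}</span>`;
  }
  return `<a href="${text}" rel="noopener noreferrer">${text}</a>`;
}

// Constructed sample input: one expected callback and one hostile value.
const ALLOWED = ['http://localhost:6274']; // assumed inspector origin
console.log(renderRedirectLink('http://localhost:6274/oauth/callback', ALLOWED));
console.log(renderRedirectLink('javascript:alert(1)', ALLOWED));
```

The two layers are deliberate: escaping stops the value from being interpreted as markup, while the allow-list stops a syntactically harmless URL from carrying the browser to a scheme or origin the tool never intended.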

Remediation

Users are advised to update MCP Inspector to version 0.16.6 or later.

Added: Sep 8, 2025, 10:16 PM
Updated: Sep 8, 2025, 10:16 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 7.2
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.