CVE-2026-58500
MCP · appium-mcp
A Cross-site Scripting (XSS) vulnerability in MCP Appium allows for unauthorized script execution via improper input neutralization.
Executive summary
An unauthenticated Cross-site Scripting (XSS) vulnerability in the MCP Appium server presents a high risk of malicious script injection and unauthorized actions.
Vulnerability
The application is susceptible to CWE-79 (Cross-site Scripting) due to improper neutralization of input. This vulnerability is exploitable by an unauthenticated attacker via a network-based attack vector, potentially leading to unauthorized data access or malicious actions within the context of the user's browser.
Business impact
Successful exploitation of this XSS vulnerability could allow an attacker to execute arbitrary scripts in the victim's browser, potentially leading to session hijacking, unauthorized data exfiltration, or the defacement of the application interface. Given the CVSS 8.2 score, this is classified as a High-severity risk that could compromise the integrity and confidentiality of automated testing environments managed by the MCP server.
Remediation
Immediate Action: Update the appium-mcp package to version 1.85.10 or later to resolve the input sanitization flaw.
Proactive Monitoring: Monitor application access logs for suspicious URL patterns or unexpected script injections targeting the MCP server interface.
Compensating Controls: Deploy a Web Application Firewall (WAF) with robust XSS filtering rules to inspect and block malicious payloads directed at the application.
Exploitation status
Public Exploit Available: No (exploit_available: false)
Analyst recommendation
The presence of an XSS vulnerability in a component designed for AI-assisted automation poses a significant risk to the security of testing workflows. Administrators must prioritize updating to the patched version immediately to prevent unauthorized script execution and potential systemic compromise.