CVE-2026-44427

EPSS 0.02%

MCP Registry has open redirect via protocol-relative path in trailing-slash middleware

Published: 2026/5/8  Modified: 2026/5/16

Description

### Summary

The TrailingSlashMiddleware in internal/api/server.go is vulnerable to an open redirect attack. An attacker can craft a URL with a protocol-relative path (e.g., //evil.com/) that, after trailing slash removal, results in a Location header of //evil.com, which browsers interpret as an absolute URL to an external domain.

### Details

The TrailingSlashMiddleware strips trailing slashes from request paths and issues a 308 Permanent Redirect to the cleaned path. However, it does not validate or sanitize the resulting path before using it as the redirect target. When a request is made with a path like //evil.com/, the middleware processes it as follows:

### PoC

1. Start the registry server locally or identify a deployed instance
2. Send a request with a double-slash path followed by an external domain: `curl -v https://<registry-host>//evil.com/`
3. Observe the 308 Permanent Redirect response with Location: //evil.com
4. When accessed in a browser, the user is redirected to https://evil.com

### Impact

- **Phishing**: Attackers can abuse the trusted registry domain to redirect users to credential-harvesting pages
- **Malware distribution**: Redirect users to sites serving malicious downloads
- **Trust abuse**: Links originating from the official MCP Registry domain carry implicit trust
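To make the flaw and its fix concrete, the following is an added Go example (an illustrative reconstruction, not code from the MCP Registry project): a trailing-slash middleware whose redirect target is computed either naively, which reproduces the `//evil.com` Location described above, or with leading slashes collapsed so the target can only ever be a site-local path. The function names `redirectTarget`, `TrailingSlashMiddleware` and `LocationFor` are assumptions.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// redirectTarget builds the Location value for a path ending in "/".
// safe=false mirrors the flaw: only the trailing slash is trimmed, so
// "//evil.com/" becomes "//evil.com", which browsers treat as an external URL.
// safe=true collapses leading slashes to one, so the result is always site-local.
func redirectTarget(path string, safe bool) string {
	target := strings.TrimSuffix(path, "/")
	if safe {
		target = "/" + strings.TrimLeft(target, "/")
	}
	return target
}

// TrailingSlashMiddleware issues a 308 to the cleaned path whenever a
// non-root request path ends in "/"; everything else passes through.
func TrailingSlashMiddleware(next http.Handler, safe bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		p := r.URL.Path
		if len(p) > 1 && strings.HasSuffix(p, "/") {
			http.Redirect(w, r, redirectTarget(p, safe), http.StatusPermanentRedirect)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// LocationFor runs one request through the middleware and returns the
// status code and Location header, which is what a browser would follow.
func LocationFor(path string, safe bool) (int, string) {
	h := TrailingSlashMiddleware(http.NotFoundHandler(), safe)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest(http.MethodGet, path, nil))
	return rec.Code, rec.Header().Get("Location")
}

func main() {
	for _, safe := range []bool{false, true} {
		code, loc := LocationFor("//evil.com/", safe)
		fmt.Printf("safe=%v: %d Location: %q\n", safe, code, loc)
	}
}
```

Note that Go's request parser keeps `//evil.com/` as the request path rather than an authority, and `http.Redirect` passes a target with a host through unchanged, which is why the naive variant emits the external Location verbatim.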

Affected packages (1)

CVSS score

Source | Version | Severity | Vector
osv | CVSS 4.0 | | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

References (6)