install-this-mcp

Verified Safe

by janwilmake

Overview

The tool generates comprehensive, client-specific installation guides for remote Model Context Protocol (MCP) servers, reducing friction for server maintainers.

Installation

Run Command
wrangler dev

Security Notes

The Cloudflare Worker fetches metadata (MCPServerCard) from a user-provided MCP URL. Fields such as `description` and `instructions` from this metadata are embedded directly into the generated HTML with minimal sanitization: the only processing is Markdown-like replacement of `**` with `<strong>` and of `\n` with `<br>`. This creates a Reflected Cross-Site Scripting (XSS) vulnerability, because a malicious MCP server could inject arbitrary HTML or JavaScript into these fields, which would then execute in the user's browser when they view the generated guide. Additionally, the `serverIcon` URL is inserted directly into an `<img>` tag without URL encoding, potentially allowing XSS via crafted `javascript:` URLs if the icon source is malicious. No `eval` or hardcoded secrets are present, but this vulnerability, caused by improper input sanitization of dynamically generated content, is critical.

Stats

Interest Score: 42
Security Score: 4
Cost Class: Low
Avg Tokens: 5000
Stars: 14
Forks: 0
Last Update: 2025-11-30

Tags

MCP, Installation Guide, Developer Tool, Documentation, Cloudflare Worker