| Version | Supported |
|---|---|
| 0.2.x | ✅ |
| 0.1.x | ✅ |
| < 0.1 | ❌ |
We take security vulnerabilities seriously. If you discover a security vulnerability in MCP Browser, please follow these steps:
Security vulnerabilities should be reported privately to protect users.
Send an email to: [your-email@example.com]
Include the following information:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment: Within 48 hours
- Initial Assessment: Within 1 week
- Resolution: Within 30 days (depending on severity)
- We will acknowledge receipt of your vulnerability report
- We will provide regular updates on our progress
- We will credit you in our security advisories (unless you prefer to remain anonymous)
- We will coordinate public disclosure with you
When using MCP Browser for security testing:
- Only test systems you own or have explicit permission to test
- Follow responsible disclosure practices
- Respect rate limits and don't overload target systems
- Use appropriate session management
- Keep the tool updated to the latest version
MCP Browser includes several security-focused features:
- XSS Vulnerability Scanning: Automated detection and testing
- JavaScript Analysis: Comprehensive JS file analysis
- Network Monitoring: Request/response logging
- Session Management: Secure browser session handling
This tool is provided under a Non-Commercial License. Commercial use requires explicit permission from the author.
Thank you for helping keep MCP Browser and its users safe!