Security ScoreA+
Vulnerabilities Found
Quality ScoreC
Maintenance48
Popularity66
Documentation35
Available Documentation
Compatibility73
Features
Supported Transports
Agentic MCP Risk Intelligence
MCPSafe checks risks unique to AI-connected MCP servers — prompt surfaces, model-controlled tools, credentials, filesystems, and network reachability.
The current scan did not find prompt-injection, agent command, exfiltration, unbounded filesystem, or MCP SSRF patterns.
Tool metadata can steer or hijack AI clients before a user invokes the tool.
Model-selected tool arguments can reach shell/process execution.
Tool context combines credential access with outbound network capability.
AI-controlled paths may access files outside the intended workspace.
AI-controlled URLs may reach local, metadata, or internal network services.
Vulnerabilities(0)
No security vulnerabilities detected. This server has a clean security record.
READMEJira MCP Server
Jira MCP
⚠️ XXE VULNERABILITY ⚠️
Issue
XML import functionality is vulnerable to XML External Entity (XXE) injection.
Attack
Attacker can read local files by importing malicious XML:
<!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>
<issue>&xxe;</issue>Impact
- Local file disclosure
- SSRF
- Denial of service
Mitigation
Disable external entity processing in XML parser.
Embed Security Badge
Add this badge to your README or documentation
[](https://mcpsafe.org/registry/jira-mcp-xxe)Server Information
- Source
- NPM
- Package
- jira-mcp-server
- Version
- 0.0.1
- Language
- typescript
- License
- Apache-2.0
- Transport
- STDIO
- Added
- Jan 20, 2026
- Updated
- Jul 13, 2026