Severity by source
AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Lifecycle Timeline
6DescriptionGitHub Advisory
Anchorr is a Discord bot for requesting movies and TV shows and receiving notifications when items are added to a media server. Versions 1.4.1 and below contain a stored XSS vulnerability in the Jellyseerr user selector. Jellyseerr allows any account holder to execute arbitrary JavaScript in the Anchorr admin's browser session. The injected script calls the authenticated /api/config endpoint - which returns the full application configuration in plaintext. This allows the attacker to forge a valid Anchorr session token and gain full admin access to the dashboard with no knowledge of the admin password. The same response also exposes the API keys and tokens for every integrated service, resulting in simultaneous account takeover of the Jellyfin media server (via JELLYFIN_API_KEY), the Jellyseerr request manager (via JELLYSEERR_API_KEY), and the Discord bot (via DISCORD_TOKEN). This issue has been fixed in version 1.4.2.
AnalysisAI
A stored cross-site scripting (XSS) vulnerability in Anchorr Discord bot versions 1.4.1 and below allows authenticated Jellyseerr users to execute arbitrary JavaScript in admin browser sessions. The XSS payload can exfiltrate the full application configuration including session tokens and API keys for integrated services (Jellyfin, Jellyseerr, Discord), enabling complete account takeover across all connected platforms without requiring admin credentials. This vulnerability is tagged as XSS in ENISA's database (EUVD-2026-13503) with a CVSS score of 9.0, though no EPSS score, KEV listing, or public POC availability is reported in the provided data.
Technical ContextAI
Anchorr is an open-source Discord bot that integrates with Jellyfin media servers and Jellyseerr request management systems. The vulnerability (CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page) exists in the Jellyseerr user selector component where user-controlled input is not properly sanitized before rendering in the admin interface. When malicious JavaScript is stored via the selector and subsequently rendered in an administrator's browser, it executes with the admin's privilege level and can invoke authenticated API endpoints like /api/config. This endpoint inappropriately returns sensitive configuration data including JELLYFIN_API_KEY, JELLYSEERR_API_KEY, and DISCORD_TOKEN in plaintext to authenticated sessions, compounding the stored XSS with excessive information disclosure.
RemediationAI
Upgrade Anchorr to version 1.4.2 or later, which contains a fix for this vulnerability as documented in the release notes at https://github.com/openVESSL/Anchorr/releases/tag/v1.4.2. Review the GitHub security advisory at https://github.com/openVESSL/Anchorr/security/advisories/GHSA-6mg4-788h-7g9g for additional guidance. After upgrading, immediately rotate all exposed credentials including JELLYFIN_API_KEY, JELLYSEERR_API_KEY, and DISCORD_TOKEN as these may have been compromised if an attack occurred prior to patching. Until patching is complete, restrict admin dashboard access to trusted networks only and avoid interacting with user-submitted content in Jellyseerr selectors. Consider implementing Content Security Policy headers to mitigate XSS execution if feasible in the deployment environment.
Same weakness CWE-80 – Basic XSS
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-13503