Anchorchain
1 CVEs
product
Monthly
Jenkins AnchorChain Plugin 1.0 does not limit URL schemes for links it creates based on workspace content, allowing the `javascript:` scheme, resulting in a stored cross-site scripting (XSS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XSS
Jenkins
Anchorchain
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-30196
EPSS 0%
CVSS 6.5
MEDIUM
This Month
Jenkins AnchorChain Plugin 1.0 does not limit URL schemes for links it creates based on workspace content, allowing the `javascript:` scheme, resulting in a stored cross-site scripting (XSS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XSS
Jenkins
Anchorchain
NVD