Description
Anchorr is a Discord bot for requesting movies and TV shows and receiving notifications when items are added to a media server. Versions 1.4.1 and below contain a stored XSS vulnerability in the Jellyseerr user selector. Jellyseerr allows any account holder to execute arbitrary JavaScript in the Anchorr admin's browser session. The injected script calls the authenticated /api/config endpoint - which returns the full application configuration in plaintext. This allows the attacker to forge a valid Anchorr session token and gain full admin access to the dashboard with no knowledge of the admin password. The same response also exposes the API keys and tokens for every integrated service, resulting in simultaneous account takeover of the Jellyfin media server (via JELLYFIN_API_KEY), the Jellyseerr request manager (via JELLYSEERR_API_KEY), and the Discord bot (via DISCORD_TOKEN). This issue has been fixed in version 1.4.2.
Published: 2026-03-20
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

Anchorr, a Discord bot that manages media requests, has a stored cross-site scripting flaw in its Jellyseerr user selector. Any holder of a Jellyseerr account can store JavaScript that is rendered unescaped by the selector and executes in the browser session of an Anchorr administrator who views it. The injected script calls the authenticated /api/config endpoint, which returns the full application configuration, API keys and tokens in plaintext. With that data an attacker can forge a valid admin session token and take over the Anchorr dashboard without the admin password, and at the same time take over the linked Jellyfin media server (JELLYFIN_API_KEY), Jellyseerr request manager (JELLYSEERR_API_KEY) and Discord bot (DISCORD_TOKEN).

Affected Systems

The affected product is Anchorr, produced by openVESSL. Versions 1.4.1 and earlier contain the vulnerability. The fix was released in Anchorr 1.4.2, which prevents script injection through the Jellyseerr user selector. Any instance running a version before 1.4.2 is at risk.

Risk and Exploitability

The CVSS 3.1 base score of 9.1 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H) places the issue in the Critical band. The EPSS score is below 1% and the vulnerability is not listed in the CISA KEV catalog, but the SSVC assessment records Exploitation: poc, so a proof of concept is known to exist. An attacker needs only a low-privileged Jellyseerr account to store the payload; no Anchorr admin credentials are required. The attack does depend on user interaction (UI:R): an Anchorr administrator has to open the page that renders the Jellyseerr user selector. Because the leaked configuration contains the secrets of every integrated service, the scope is changed (S:C) and the impact is total loss of confidentiality, integrity and availability for Anchorr and the linked Jellyfin, Jellyseerr and Discord accounts.

Generated by OpenCVE AI on March 27, 2026 at 17:28 UTC.

Remediation

Vendor fix: Anchorr 1.4.2, as stated in the description above. No vendor-supplied workaround for earlier versions is listed on this page.

OpenCVE Recommended Actions

  • Upgrade Anchorr to version 1.4.2 or later.
  • Verify that the Jellyseerr user selector HTML-escapes every user-controlled field (for example display names) before rendering it, rather than interpolating raw values into markup.
  • Treat the configuration as compromised if an earlier version was reachable by Jellyseerr users: rotate DISCORD_TOKEN, JELLYFIN_API_KEY, JELLYSEERR_API_KEY and any session-signing secret held in the configuration, and invalidate existing admin sessions, since a forged session token stays valid until that secret changes.
  • If an upgrade is not immediately possible, keep in mind that /api/config is already authenticated, so restricting it to trusted users does not stop a script that runs inside the admin's own session. Interim measures are to avoid opening the Jellyseerr user selector from an admin session, to limit who can create or rename Jellyseerr accounts, and to disable the endpoint temporarily if the deployment allows it.
  • Review Jellyseerr user display names for HTML tags or inline event-handler attributes, and monitor Anchorr logs for /api/config requests that do not line up with normal admin activity.
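The rendering defect behind this CVE and the selector check listed above, as an added JavaScript illustration. This is not Anchorr's code: the selector markup, the displayName field and the sample Jellyseerr users are assumptions made for the example, and the payload only mirrors the /api/config call the advisory describes.

```javascript
// Added illustration for CVE-2026-32891; not Anchorr's code. The selector
// markup, the field name `displayName` and the users below are assumptions.

// Constructed Jellyseerr user list. User 2 carries a stored payload of the
// kind the advisory describes: an event handler that reads the authenticated
// /api/config endpoint from the admin's session (exfiltration omitted).
const SAMPLE_USERS = [
  { id: 1, displayName: "alice" },
  { id: 2, displayName: "<img src=x onerror=\"fetch('/api/config')\">" },
];

// Escape the five characters that matter in HTML text and attribute
// context. Escaping both quote styles keeps the same function safe inside
// a double- or single-quoted attribute value.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable pattern: the user-controlled display name is interpolated
// straight into markup that the admin's browser will parse (innerHTML,
// a template engine without autoescaping, and so on).
function renderSelectorUnsafe(users) {
  return (
    '<select name="jellyseerr_user">' +
    users.map((u) => `<option value="${u.id}">${u.displayName}</option>`).join("") +
    "</select>"
  );
}

// Hardened pattern: every user-controlled value is escaped for the context
// it lands in, so the stored payload is displayed as literal text.
function renderSelectorSafe(users) {
  return (
    '<select name="jellyseerr_user">' +
    users
      .map((u) => `<option value="${escapeHtml(u.id)}">${escapeHtml(u.displayName)}</option>`)
      .join("") +
    "</select>"
  );
}

// Triage heuristic: ids of users whose display name contains markup, a
// javascript: URL or an inline event handler. Run it over a Jellyseerr user
// export after upgrading to find accounts that were carrying a payload.
const SUSPICIOUS = /<|>|javascript:|on[a-z]+\s*=/i;
function findSuspiciousNames(users) {
  return users.filter((u) => SUSPICIOUS.test(u.displayName)).map((u) => u.id);
}

console.log(renderSelectorUnsafe(SAMPLE_USERS));
console.log(renderSelectorSafe(SAMPLE_USERS));
console.log("suspicious user ids:", findSuspiciousNames(SAMPLE_USERS));
```

The unsafe renderer emits the `<img ... onerror=...>` tag intact, so an admin's browser executes it on load; the safe renderer emits `&lt;img ...&gt;`, which the browser shows as text. The triage regex is deliberately broad and will flag a few benign names, so treat its output as a review list rather than proof of compromise.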


Advisories

No advisories yet.

History

Fri, 27 Mar 2026 16:15:00 +0000

Type | Values removed | Values added
CPEs | (none) | cpe:2.3:a:openvessl:anchorr:*:*:*:*:*:*:*:*

Fri, 20 Mar 2026 15:15:00 +0000

Type | Values removed | Values added
Metrics | (none) | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 20 Mar 2026 09:00:00 +0000

Type | Values removed | Values added
First time appeared | (none) | Openvessl, Openvessl anchorr
Vendors & Products | (none) | Openvessl, Openvessl anchorr

Fri, 20 Mar 2026 03:15:00 +0000

Type | Values removed | Values added
Description | (none) | Anchorr is a Discord bot for requesting movies and TV shows and receiving notifications when items are added to a media server. Versions 1.4.1 and below contain a stored XSS vulnerability in the Jellyseerr user selector. Jellyseerr allows any account holder to execute arbitrary JavaScript in the Anchorr admin's browser session. The injected script calls the authenticated /api/config endpoint - which returns the full application configuration in plaintext. This allows the attacker to forge a valid Anchorr session token and gain full admin access to the dashboard with no knowledge of the admin password. The same response also exposes the API keys and tokens for every integrated service, resulting in simultaneous account takeover of the Jellyfin media server (via JELLYFIN_API_KEY), the Jellyseerr request manager (via JELLYSEERR_API_KEY), and the Discord bot (via DISCORD_TOKEN). This issue has been fixed in version 1.4.2.
Title | (none) | Anchorr Privilege Escalation: Jellyseerr User → Anchorr Admin via Stored XSS
Weaknesses | (none) | CWE-212 (Improper Removal of Sensitive Information Before Storage or Transfer), CWE-311 (Missing Encryption of Sensitive Data), CWE-80 (Improper Neutralization of Script-Related HTML Tags in a Web Page)
References | (none) | (none listed)
Metrics | (none) | cvssV3_1 {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H'}


Subscriptions

Openvessl Anchorr
MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-20T14:36:21.045Z

Reserved: 2026-03-16T21:03:44.422Z

Link: CVE-2026-32891

Vulnrichment

Updated: 2026-03-20T14:36:06.498Z

NVD

Status : Analyzed

Published: 2026-03-20T03:16:00.240

Modified: 2026-03-27T16:09:54.573

Link: CVE-2026-32891

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-27T20:26:51Z

Weaknesses