CVE-2025-30357

High CVSS: 7.3

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator deletes the malicious user's account, all their posts (comments) along with the associated topics (by unrelated users) will be marked as deleted. This issue has been patched in version 2.2.0.

Vendor

Namelessmc

Product

Nameless

CWE

CWE-706

Yayın Tarihi

2025-04-18 16:15:22

Güncelleme

2025-05-13 15:40:18

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-706 Nameless HIGH Namelessmc 2025

Referanslar

https://github.com/NamelessMC/Nameless/commit/7040924e27f99aa486c619a5b4ca809051a1ca7f https://github.com/NamelessMC/Nameless/releases/tag/v2.2.0 https://github.com/NamelessMC/Nameless/security/advisories/GHSA-22mc-7c9m-gv8h

Benzer Kayıtlar

Critical

CVE-2025-54117

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerab…

Medium

CVE-2025-54118

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in…

High

CVE-2025-54421

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerab…

High

CVE-2025-32389

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Prior to version 2.1.4, NamelessMC…

High

CVE-2025-29784

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the s p…

High

CVE-2025-30158

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the for…