HIGH🇵🇱 Wersja polska

CVE-2025-30357

CVSS 7.3v3.1pub. 2025-04-18upd. 2025-05-13

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator deletes the malicious user's account, all their posts (comments) along with the associated topics (by unrelated users) will be marked as deleted. This issue has been patched in version 2.2.0.

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:H
  • Namelessmc Nameless

    APP
    Namelessmc
    < 2.2.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-54117CRITICAL9.0PL ✓ten sam produkt

XSS w edytorze tekstu panelu administracyjnego NamelessMC

CVE-2025-22144CRITICAL9.0PL ✓ten sam produkt

NamelessMC — przejęcie konta przez pusty kod resetowania hasła

CVE-2025-54421HIGH7.2ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS...

CVE-2025-31118HIGH7.1ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prio...

CVE-2025-29784HIGH7.5ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prio...