CVE-2025-30357

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-30357

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-30357.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-30357

Aliases

GHSA-22mc-7c9m-gv8h

Published

2025-04-18T16:15:22Z

Modified

2025-05-24T03:40:06.424199Z

Severity

6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator deletes the malicious user's account, all their posts (comments) along with the associated topics (by unrelated users) will be marked as deleted. This issue has been patched in version 2.2.0.

References

Affected packages

Git / github.com/namelessmc/nameless

Affected ranges

Type: GIT
Repo: https://github.com/namelessmc/nameless
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4726f43c3e637ca6c97a3bc813794311ef523ea6

Fixed

7040924e27f99aa486c619a5b4ca809051a1ca7f

Affected versions

v2.*

v2.0.0

v2.0.0-pr1

v2.0.0-pr10

v2.0.0-pr11

v2.0.0-pr12

v2.0.0-pr13

v2.0.0-pr2

v2.0.0-pr3

v2.0.0-pr4

v2.0.0-pr5

v2.0.0-pr6

v2.0.0-pr7

v2.0.0-pr8

v2.0.0-pr9

v2.0.1

v2.0.2

v2.0.3

v2.1.0

v2.1.1

v2.1.2

v2.1.3

v2.1.4