CRITICAL🇵🇱 Wersja polska

CVE-2025-54117

CVSS 9.0v3.1pub. 2025-08-18upd. 2025-08-20

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the dashboard text editor component. This vulnerability is fixed in 2.2.4.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
  • Namelessmc Nameless

    APP
    Namelessmc
    < 2.2.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2025-22144CRITICAL9.0PL ✓ten sam produkt

NamelessMC — przejęcie konta przez pusty kod resetowania hasła

CVE-2025-54421HIGH7.2ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS...

CVE-2025-30357HIGH7.3ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prio...

CVE-2025-29784HIGH7.5ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prio...

CVE-2025-30158HIGH7.1ten sam produkt

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prio...