CVE Vulnerabilities

CVE-2025-30357

Use of Incorrectly-Resolved Name or Reference

Published: Apr 18, 2025 | Modified: May 13, 2025
CVSS 3.x
6.8
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments on many topics then an administrator, unable to manually remove each spam comment, may delete the malicious account. Once an administrator deletes the malicious users account, all their posts (comments) along with the associated topics (by unrelated users) will be marked as deleted. This issue has been patched in version 2.2.0.

Weakness

The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

Affected Software

Name Vendor Start Version End Version
Nameless Namelessmc * 2.2.0 (excluding)

References