Vulnerability Database

296,855

Total vulnerabilities in the database

CVE-2025-54117

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the dashboard text editor component. This vulnerability is fixed in 2.2.4.

Published: Aug 18, 2025
Updated: Aug 19, 2025
CVE: CVE-2025-54117
Exploit:

No technical information available.

CWEs:

CWE-79
CWE-80

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

No affected software listed.

https://github.com/NamelessMC/Nameless/commit/0e77706b2966dd9f2e30502126d6581ecc001f09
https://github.com/NamelessMC/Nameless/security/advisories/GHSA-gp3j-j84w-vqxx

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo