Security Advisory

CVE-2025-54421

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-18 16:01:30
Last updated 2025-08-18 17:36:09
Assigner GitHub_M
State PUBLISHED

Description

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.4 allows remote authenticated attackers to inject arbitrary web script or HTML via the default_keywords crafted parameter. This vulnerability is fixed in 2.2.4.