What is CVE-2025-31120?

CVE-2025-31120 is a medium-severity vulnerability in Namelessmc Nameless, classified under Reliance on Cookies without Validation and Integrity Checking. CVSS score: 5.3/10. Published 2025-04-18.

How severe is CVE-2025-31120?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Namelessmc Nameless

CVE-2025-31120

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, an insecure view count mechanism in the forum page allows an unauthenticated attacker to artificially increase the view count…

EPSS: 0.003 (50.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.

Affected products

Namelessmc Nameless — versions < 2.2.0

Weakness classification (CWE)

CWE-565 — Reliance on Cookies without Validation and Integrity Checking

References

https://github.com/NamelessMC/Nameless/security/advisories/GHSA-8jv7-77jw-h646 (x_refsource_CONFIRM)
https://github.com/NamelessMC/Nameless/commit/9b112c0beab346a38b6f5a51e7773b38c6fc52e7 (x_refsource_MISC)
https://github.com/NamelessMC/Nameless/releases/tag/v2.2.0 (x_refsource_MISC)

Frequently asked questions

What is CVE-2025-31120?: CVE-2025-31120 is a medium-severity vulnerability in Namelessmc Nameless, classified under Reliance on Cookies without Validation and Integrity Checking. CVSS score: 5.3/10. Published 2025-04-18.
How severe is CVE-2025-31120?: Medium severity. CVSS v3 base score is 5.3 out of 10.