CVE-2025-31120

Name of the Vulnerable Software and Affected Versions NamelessMC versions 2.1.4 and prior

Description The issue concerns an insecure view count mechanism in the forum page of NamelessMC, a free website software for Minecraft servers. This mechanism relies on a client-side cookie (nl-topic-[tid]) or a session variable for guests to determine if a view should be counted. When a client does not provide the cookie, every page request increments the counter, leading to incorrect view metrics.

Recommendations For versions 2.1.4 and prior, update to version 2.2.0 to resolve the issue.