PT-2025-30508 · Unknown · Pcl Community Edition
Published
2025-07-23
·
Updated
2025-07-23
·
CVE-2025-54120
CVSS v4.0
9.3
Critical
| Vector | AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H |
Name of the Vulnerable Software and Affected Versions
PCL (Plain Craft Launcher) Community Edition versions 2.12.0-beta.5 through 2.12.0-beta.9
Description
PCL (Plain Craft Launcher) Community Edition is a Minecraft launcher. Versions 2.12.0-beta.5 through 2.12.0-beta.9 inadvertently record login credentials used during the third-party login process in a local log file. Manual sharing of this log file could lead to credential leakage.
Recommendations
Update to version 2.12.0-beta.10.
Exploit
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pcl Community Edition