{"vulnerability": "CVE-2025-30158", "sightings": [{"uuid": "47d8cd66-fdbb-4c66-8813-c6fe247c6108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30158", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ln42fpgtpb2l", "content": "", "creation_timestamp": "2025-04-18T16:34:26.144342Z"}, {"uuid": "2daa7a05-6867-43b7-ac6c-5a787234b506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30158", "type": "seen", "source": "https://bsky.app/profile/Minecraft.activitypub.awakari.com.ap.brid.gy/post/3ln45d4eikwm2", "content": "", "creation_timestamp": "2025-04-18T17:27:57.676674Z"}, {"uuid": "b6148ab3-a823-4f96-9d50-0aebcd39d7db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30158", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12467", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30158\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H)\n\ud83d\udd39 Description: NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements inside forum topics/comments/feed with no restriction on the iframe's width and height attributes. This allows an authenticated attacker to perform a UI-based denial of service (DoS) by injecting oversized iframes that block the forum UI and disrupt normal user interactions. This issue has been patched in version 2.2.0.\n\ud83d\udccf Published: 2025-04-18T15:50:49.309Z\n\ud83d\udccf Modified: 2025-04-18T15:50:49.309Z\n\ud83d\udd17 References:\n1. https://github.com/NamelessMC/Nameless/security/advisories/GHSA-2prx-rgr7-hq5f\n2. https://github.com/NamelessMC/Nameless/commit/caa42a975338a13fbc1658e8c440108f16135643\n3. https://github.com/NamelessMC/Nameless/releases/tag/v2.2.0", "creation_timestamp": "2025-04-18T15:58:46.000000Z"}, {"uuid": "3281cf30-d1b0-43d9-a851-a2f908189863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30158", "type": "seen", "source": "https://t.me/cvedetector/23318", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30158 - NamelessMC DoS Frame Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30158 \nPublished : April 18, 2025, 4:15 p.m. | 26\u00a0minutes ago \nDescription : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements inside forum topics/comments/feed with no restriction on the iframe's width and height attributes. This allows an authenticated attacker to perform a UI-based denial of service (DoS) by injecting oversized iframes that block the forum UI and disrupt normal user interactions. This issue has been patched in version 2.2.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-18T19:05:00.000000Z"}, {"uuid": "639eae33-a6cf-427b-be90-84275ebe6bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30158", "type": "published-proof-of-concept", "source": "Telegram/7jNmJD5vjZVenNUqyYR0CPI9qktay_Z3-idVdIxY76S8ayI", "content": "", "creation_timestamp": "2025-04-18T18:31:46.000000Z"}]}