| Summary | NamelessMC is website software for Minecraft servers. In version 2.2.4, `modules/Forum/classes/ForumPostReactionContext.php` only verifies that the caller can view the forum, but it does not re-enforce topic-level `view_other_topics` authorization. As a result, in forums where users may enter the forum but may only view their own topics, reactions can still be read and modified on other users' topics. Version 2.2.5 fixes the issue. |
|---|---|
| Publication Date | June 3, 2026, 2:16 a.m. |
| Registration Date | June 3, 2026, 4:18 a.m. |
| Last Update | June 3, 2026, 2:18 a.m. |