The Scratch Channel Allows Username Modification_CVE-2025-55301

6.7 / 10

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

Description

The Scratch Channel is a news website. In version 1, it is possible to go to application in devtools and click local storage to edit the account's username locally. This issue has been patched in version 1.1.

Basic Information

ID CVE-2025-55301

Source GitHub_M

Published Aug 25, 2025 at 15:38

Modified Aug 25, 2025 at 16:03

Affected Product

Vendor The-Scratch-Channel

Product the-scratch-channel.github.io

Version = 1

Affected Versions The-Scratch-Channel the-scratch-channel.github.io = 1

CWE Classification

CWE-20

References

{
    "lastseen": "",
    "description": "The Scratch Channel is a news website. In version 1, it is possible to go to application in devtools and click local storage to edit the account's username locally. This issue has been patched in version 1.1.",
    "published": "2025-08-25T15:38:34.391Z",
    "modified": "2025-08-25T16:03:22.618Z",
    "type": "cve",
    "title": "The Scratch Channel Allows Username Modification",
    "source": "GitHub_M",
    "references": "https://github.com/The-Scratch-Channel/tsc-web-client/security/advisories/GHSA-9q4f-4vjm-7gp2\nhttps://github.com/The-Scratch-Channel/tsc-web-client/discussions/77\nhttps://github.com/The-Scratch-Channel/tsc-web-client/releases/tag/v1.1",
    "id": "CVE-2025-55301",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "The-Scratch-Channel the-scratch-channel.github.io = 1",
    "sourceHref": "",
    "cvss": {
        "score": 6.7,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "the-scratch-channel.github.io",
    "version": "= 1",
    "vendor": "The-Scratch-Channel",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}