CVE-2025-55301

medium

Description

The Scratch Channel is a news website. In version 1, it is possible to go to application in devtools and click local storage to edit the account's username locally. This issue has been patched in version 1.1.

References

https://github.com/The-Scratch-Channel/tsc-web-client/security/advisories/GHSA-9q4f-4vjm-7gp2

https://github.com/The-Scratch-Channel/tsc-web-client/releases/tag/v1.1

https://github.com/The-Scratch-Channel/tsc-web-client/discussions/77

Details

Source: Mitre, NVD

Published: 2025-08-25

Updated: 2026-04-15

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:H/Au:N/C:C/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 6.7

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H