Cross-Site Scripting Vulnerability in Scratch Channel News Website
CVE-2025-53904

1.3LOW

Key Information:

Vendor: The-scratch-channel
Status: The-scratch-channel.github.io
Vendor: CVE Published:; 16 July 2025

🔔 Create The-scratch-channel Vulnerability Alert

What is CVE-2025-53904?

The Scratch Channel's news website contains a vulnerability in the /api/admin.js file, enabling potential cross-site scripting attacks. This flaw could allow attackers to inject malicious scripts into web pages viewed by users, compromising user data and session integrity. As of the current report, no patches are available, leaving the site exposed to such threats. Website administrators are urged to review their code and implement necessary security measures to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

the-scratch-channel.github.io <= b66a1cae45e05ad8971aecd96c3322520f8a5725

References

https://github.com/The-Scratch-Channel/the-scratch-channe...

x_refsource_CONFIRM

https://github.com/The-Scratch-Channel/the-scratch-channe...

x_refsource_MISC

CVSS V4

Score:

1.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Jul 16, 2025
Vulnerability Reserved
Jul 11, 2025

JSON

The-scratch-channel

What is CVE-2025-53904?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.