User Account Manipulation Vulnerability in Scratch Channel News Website
CVE-2025-55301
6.7MEDIUM
What is CVE-2025-55301?
The Scratch Channel news website has a vulnerability in its web application that allows unauthorized access to user accounts. In version 1.0, users can manipulate their account's username through the developer tools by editing local storage. This security flaw potentially exposes user information and undermines account integrity. Fortunately, the issue has been addressed in version 1.1, where necessary patches were implemented to enhance security and protect user accounts.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
the-scratch-channel.github.io = 1
References
CVSS V3.1
Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
