CVE-2025-55301

Source
https://cve.org/CVERecord?id=CVE-2025-55301
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-55301.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-55301
Aliases
  • GHSA-9q4f-4vjm-7gp2
Published
2025-08-25T15:38:34.391Z
Modified
2026-07-15T01:48:55.382697387Z
Severity
  • 6.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
The Scratch Channel Allows Username Modification
Details

The Scratch Channel is a news website. In version 1, it is possible to go to application in devtools and click local storage to edit the account's username locally. This issue has been patched in version 1.1.

Database specific
{
    "cwe_ids": [
        "CWE-20"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/55xxx/CVE-2025-55301.json",
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/the-scratch-channel/tsc-web-client

Affected ranges

Type
GIT
Repo
https://github.com/the-scratch-channel/tsc-web-client
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "= 1"
        },
        {
            "last_affected": "= 1"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "REFERENCES"
    ]
}

Affected versions

Other
= 1
v1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-55301.json"