CVE-2025-55301
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-25

Last updated on: 2025-08-25

Assigner: GitHub, Inc.

Description
The Scratch Channel is a news website. In version 1, it is possible to go to application in devtools and click local storage to edit the account's username locally. This issue has been patched in version 1.1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-25
Last Modified
2025-08-25
Generated
2026-06-16
AI Q&A
2025-08-26
EPSS Evaluated
2026-06-15
NVD
CVE-2025-55301
EUVD
EUVD-2025-25710
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
the-scratch-channel tsc-web-client 1.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability in The Scratch Channel version 1 allows an attacker to use developer tools to edit the account's username locally via the browser's local storage. This means the username can be manipulated on the client side, potentially causing issues with account integrity. This vulnerability was fixed in version 1.1.

Impact Analysis

This vulnerability can impact you by allowing unauthorized modification of the username on the client side, which could lead to confusion, impersonation, or other issues related to account identity. It may also affect the reliability of user data and could potentially be exploited in combination with other vulnerabilities.

Mitigation Strategies

Update the Scratch Channel application to version 1.1 or later, as this version contains the patch that fixes the vulnerability allowing local storage username editing.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-55301. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart