The Scratch Channel Forking Vulnerability Allows Unauthorized Article Publication

Vulnerability

A vulnerability in The Scratch Channel's web client, versions 1.0 and 1.1, allows users to publish articles without proper authorization. The issue arises when a user forks a project: in the fork, they can manipulate admin settings to facilitate article creation. The vulnerability is exploited through the API's POST request functionality, which enables the unauthorized publication of content.

Impact

Exploitation of this vulnerability could lead to unauthorized article publication, potentially allowing for the spread of misinformation or harmful content.

Remediation

Users can update to version 1.2 to address this vulnerability.

Added: Sep 17, 2025, 7:17 PM
Updated: Sep 17, 2025, 7:17 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 3.1
exploitability: 4.8
remediation: 7.7
relevance: 0.5
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.