CVE-2025-53903 Information

Description

The Scratch Channel is a news website that is under development as of time of this writing. The file /api/users.js doesn’t properly sanitize text box inputs leading to a potential vulnerability to cross-site scripting attacks. Commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb addresses this issue.

Reference

https://github.com/The-Scratch-Channel/the-scratch-channel.github.io/commit/90b39eb56b27b2bac29001abb1a3cac0964b8ddb https://github.com/The-Scratch-Channel/the-scratch-channel.github.io/security/advisories/GHSA-25wp-g9g6-7fr9 https://github.com/The-Scratch-Channel/the-scratch-channel.github.io/security/advisories/GHSA-25wp-g9g6-7fr9

Related CNNVD

CNNVD-202507-2064 (Published: 2025-07-15)