Skip to main content

Breaking cybersecurity news

Vulnerability database

EU vulnerability data

Hands-on web security training

Security incidents database

Knowledge library

Analytics & trends

Follow us

Professional cybersecurity intelligence

Breaking cybersecurity news

Vulnerability database

EU vulnerability data

Hands-on web security training

Security incidents database

Knowledge library

Analytics & trends

Follow us

About Sources Sponsored Articles Status Legal Terms

v2.3.3•© 2026

Telegram Bluesky GitHub Contact

Return to CVE list

CVE-2025-31122

CVE-2025-31122

9.0

Critical

Published:31 Mar 2025

Last updated:17 Jun 2026

Source:security-advisories@github.com

Deferred

Weakness (CWE)

CWE-287Improper Authentication
CWE-290CWE-290

CVSS Vector

v4.0

Attack Vector: Network
Attack Complexity: High
Attack Requirements: Present
Privileges Required: None
User Interaction: Passive
Confidentiality (Vulnerable): High
Integrity (Vulnerable): High
Availability (Vulnerable): High
Confidentiality (Subsequent): High
Integrity (Subsequent): High
Availability (Subsequent): High

View on MITRE Find PoC on GitHub

Description

scratch-coding-hut.github.io is the website for Coding Hut. In 1.0-beta3 and earlier, the login link can be used to login to any account by changing the username in the username field.

References

security-advisories@github.com

https://github.com/Scratch-Coding-Hut/Scratch-Coding-Hut.github.io/issues/56

security-advisories@github.com

https://github.com/Scratch-Coding-Hut/Scratch-Coding-Hut/security/advisories/GHSA-mmg3-567w-v9j2