Vulnerability Description
Scratch-Coding-Hut.github.io is the website for Coding Hut. The website as of 28 February 2025 contained a sign in with scratch username and password form. Any user who used the sign in page would be susceptible to any other user signing into their account. As of time of publication, a fix is not available but work on a fix is underway. As a workaround, users should avoid signing in.
Related Weaknesses (CWE)
References
- https://github.com/Scratch-Coding-Hut/Scratch-Coding-Hut.github.io/issues/3
- https://github.com/Scratch-Coding-Hut/Scratch-Coding-Hut.github.io/security/advi
FAQ
What is CVE-2025-27416?
CVE-2025-27416 is a documented vulnerability. Scratch-Coding-Hut.github.io is the website for Coding Hut. The website as of 28 February 2025 contained a sign in with scratch username and password form. Any user who used the sign in page would be ...
How severe is CVE-2025-27416?
CVSS scoring is not yet available for CVE-2025-27416. Check NVD for updates.
Is there a patch for CVE-2025-27416?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.