Scratch-wiki Scratch Login — known CVE vulnerabilities
Every CVE whose affected-product data names Scratch-wiki Scratch Login, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-15164 — CVSS 10.0 (critical): in Scratch Login (MediaWiki extension) before version 1.1, any account can be logged into by using the same username with leading…
CVE-2022-42985 — CVSS 4.8 (medium): The ScratchLogin extension through 1.1 for MediaWiki does not escape verification failure messages, which allows users with administrator…