Scratch-wiki Scratch_login

2 CVEs affecting Scratch-wiki Scratch_login. Latest disclosed: 2022-11-17. Critical: 1, High: 0.

Top CVEs affecting Scratch-wiki Scratch_login
CVESeverityScorePublishedSummary
CVE-2020-15164Critical10.02020-08-28in Scratch Login (MediaWiki extension) before version 1.1, any account can be logged into by using the same username with leading, trailing, or repeated unders…
CVE-2022-42985Medium4.82022-11-17The ScratchLogin extension through 1.1 for MediaWiki does not escape verification failure messages, which allows users with administrator privileges to perform…