VYPR

ScratchOAuth2

by Scratch

CVEs (1)

  • CVE-2021-29437HigApr 13, 2021
    risk 0.00cvss 8.0epss 0.01

    ScratchOAuth2 is an Oauth implementation for Scratch. Any ScratchOAuth2-related data normally accessible and modifiable by a user can be read and modified by a third party. 1. Scratch user visits 3rd party site. 2. 3rd party site asks user for Scratch username. 3. 3rd party site…