Polylogue2

Name of the Vulnerable Software and Affected Versions: The Scratch Channel versions 1 and 1.1 Description: The Scratch Channel, a news website, is susceptible to unauthorized article posting. A POST request to the article publishing endpoint allows posting articles in any category with any date, irrespective of user login status. Recommendations: Update to version 1.2 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** The Scratch Channel (affected versions not specified) **Description** The application does not properly sanitize text box inputs in the `/api/users.js` file, potentially leading to cross-site scripting attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.