Skip to main content

CVE-2025-29621: n/a in n/a

High
VulnerabilityCVE-2025-29621cvecve-2025-29621n-acwe-290
Published: Tue Apr 22 2025 (04/22/2025, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in the Theme configuration under the My Preferences module. This vulnerability allows attackers to manipulate application settings.

AI-Powered Analysis

AILast updated: 06/21/2025, 16:53:09 UTC

Technical Analysis

CVE-2025-29621 is a high-severity content spoofing vulnerability identified in Francois Jacquet's RosarioSIS version 12.0.0, specifically within the Theme configuration under the My Preferences module. RosarioSIS is an open-source Student Information System used by educational institutions to manage student data and administrative tasks. The vulnerability allows an attacker to manipulate application settings by exploiting the content spoofing flaw, which can mislead users by displaying falsified or altered content within the user interface. This manipulation can lead to unauthorized changes in application behavior or settings, potentially undermining the integrity and availability of the system. The CVSS v3.1 base score of 7.3 reflects a high severity, with an attack vector that is network-based (AV:N), requiring no privileges (PR:N) or user interaction (UI:N), and impacting confidentiality, integrity, and availability to a low extent (C:L/I:L/A:L). The vulnerability is classified under CWE-290, which relates to improper authentication, suggesting that the flaw may allow attackers to bypass or circumvent authentication mechanisms to alter settings. No patches or known exploits in the wild have been reported as of the publication date (April 22, 2025). Given the nature of the vulnerability, an attacker could remotely exploit this flaw without authentication or user interaction, making it a significant risk for affected deployments of RosarioSIS 12.0.0.

Potential Impact

For European organizations, particularly educational institutions using RosarioSIS, this vulnerability poses a risk of unauthorized manipulation of system settings, potentially leading to data integrity issues, misconfiguration, and disruption of normal operations. While the confidentiality impact is low, the ability to alter application settings without authentication could allow attackers to degrade system reliability or availability, possibly affecting student data management and administrative workflows. This could result in operational downtime, loss of trust, and compliance challenges under regulations such as GDPR if personal data integrity is compromised. The lack of user interaction and privilege requirements increases the likelihood of exploitation, raising concerns for institutions that rely heavily on RosarioSIS for critical administrative functions. Additionally, since the vulnerability affects the Theme configuration, attackers might use content spoofing to deceive users into performing unintended actions or to facilitate further social engineering attacks.

Mitigation Recommendations

Organizations should immediately assess their use of RosarioSIS version 12.0.0 and consider the following specific mitigation steps: 1) Restrict network access to the RosarioSIS application, limiting it to trusted internal networks or VPNs to reduce exposure to remote attackers. 2) Implement web application firewalls (WAFs) with custom rules to detect and block suspicious requests targeting the Theme configuration endpoints. 3) Conduct thorough audits of application settings and user preferences to detect unauthorized changes promptly. 4) Enhance monitoring and logging around configuration changes within RosarioSIS to enable rapid detection and response. 5) Engage with the RosarioSIS community or vendor to obtain patches or updates addressing this vulnerability as soon as they become available. 6) Educate administrative users about the risks of content spoofing and encourage verification of any unexpected interface changes. 7) Consider deploying application-layer authentication or additional access controls around the Theme configuration module to mitigate unauthorized access until an official patch is released.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2025-03-11T00:00:00.000Z
Cisa Enriched
true

Threat ID: 682d9848c4522896dcbf5dc4

Added to database: 5/21/2025, 9:09:28 AM

Last enriched: 6/21/2025, 4:53:09 PM

Last updated: 7/31/2025, 9:48:28 PM

Views: 11

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats