
CVE-2025-3959: Cross-Site Request Forgery in withstars Books-Management-System

Medium
Type: Vulnerability
Tags: CVE-2025-3959, cve, cve-2025-3959
Published: Sun Apr 27 2025 (04/27/2025, 04:31:03 UTC)
Source: CVE
Vendor/Project: withstars
Product: Books-Management-System

Description

A vulnerability was found in withstars Books-Management-System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /reader_delete.html. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

AI-Powered Analysis

AI analysis last updated: 06/24/2025, 19:06:35 UTC

Technical Analysis

CVE-2025-3959 is a Cross-Site Request Forgery (CSRF) vulnerability identified in version 1.0 of the withstars Books-Management-System, specifically affecting an unknown functionality within the /reader_delete.html endpoint. CSRF vulnerabilities allow an attacker to trick an authenticated user into submitting a forged request to a web application, thereby performing unwanted actions on behalf of the user without their consent. In this case, the vulnerability enables remote attackers to potentially delete reader entries or perform similar unauthorized actions by exploiting the lack of proper anti-CSRF protections such as tokens or Origin/Referer validation. The affected product is no longer supported by the vendor, meaning no official patches or updates are available to remediate this issue. The vulnerability has a CVSS 4.0 base score of 5.3, indicating a medium severity level. The vector details reveal that the attack can be launched remotely (AV:N), requires no privileges (PR:N), has no special attack requirements (AT:N), but does require user interaction (UI:P, i.e. passive interaction such as visiting a page controlled by the attacker). The impact on confidentiality is none, integrity impact is low, and availability impact is none, suggesting the primary risk is unauthorized modification of data (likely deletion of reader records). No known exploits are currently observed in the wild, but public disclosure of the exploit code increases the risk of future exploitation. Since the vulnerability affects an unsupported product, organizations using this system face increased risk due to the absence of vendor support and patches.

Potential Impact

For European organizations, the impact of this vulnerability depends largely on the extent to which the withstars Books-Management-System is deployed within their infrastructure. If used in libraries, educational institutions, or organizations managing book inventories, successful exploitation could lead to unauthorized deletion or modification of reader data, potentially disrupting operations and causing data integrity issues. While the vulnerability does not directly compromise confidentiality or availability, the integrity impact could affect the trustworthiness of records and operational workflows. The lack of vendor support exacerbates the risk, as organizations cannot rely on official patches and must implement compensating controls. Additionally, the public disclosure of the exploit increases the likelihood of opportunistic attacks, especially against less security-aware environments. The medium severity rating suggests that while the threat is not critical, it is significant enough to warrant attention, particularly in sectors where data accuracy and system reliability are essential. Organizations in Europe with legacy deployments of this system may face compliance challenges if data integrity is compromised, especially under regulations like GDPR that emphasize data accuracy and security.

Mitigation Recommendations

Given the absence of vendor patches, European organizations should prioritize the following specific mitigation strategies:

1) Immediate isolation or decommissioning of the affected withstars Books-Management-System 1.0 installations, replacing them with supported and actively maintained alternatives.
2) If replacement is not immediately feasible, implement web application firewall (WAF) rules to detect and block suspicious requests targeting /reader_delete.html, particularly those lacking valid CSRF tokens or originating from untrusted sources.
3) Enforce strict same-site cookie policies and require re-authentication for sensitive actions to reduce the risk of CSRF exploitation.
4) Conduct thorough audits of user permissions and minimize privileges to limit the impact of any unauthorized actions.
5) Educate users about the risks of clicking on untrusted links or visiting malicious websites while authenticated to the system, as user interaction is required for exploitation.
6) Monitor logs for unusual activity related to reader deletion or modification endpoints to detect potential exploitation attempts early.
7) Where possible, implement additional server-side validation to verify the legitimacy of requests modifying critical data.

These targeted measures go beyond generic advice by focusing on compensating controls tailored to the unsupported status of the product and the specific nature of the CSRF vulnerability.
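An added example (not code from the withstars project) of the server-side validation items 3 and 7 above describe for a delete endpoint: the handler only accepts POST, checks that the Origin or Referer header matches the site's own origin, and verifies a per-session anti-CSRF token with a constant-time comparison. The site origin, server key, session id, the csrf_token field name and the dict shape of the request are all assumptions made for this illustration.

```python
import hashlib
import hmac
from urllib.parse import urlparse

# Assumed values for this example: the deployed site's origin and a server-side key.
SITE_ORIGIN = "https://books.example.internal"
SERVER_KEY = b"example-server-key-rotate-in-production"


def issue_csrf_token(session_id: str) -> str:
    """Derive a per-session token to embed as a hidden field in the delete form."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def same_origin(url: str) -> bool:
    """True only if scheme and host:port of `url` match the site's own origin."""
    got, want = urlparse(url), urlparse(SITE_ORIGIN)
    return (got.scheme, got.netloc) == (want.scheme, want.netloc)


def check_reader_delete(request: dict, session_id: str) -> tuple:
    """Decide whether a request to /reader_delete.html may proceed.

    `request` is a constructed dict: {"method", "headers", "form"}.
    Returns (allowed, reason); the reason is meant for the server log.
    """
    if request.get("method", "GET").upper() != "POST":
        return False, "state-changing action sent as non-POST"
    headers = {k.lower(): v for k, v in request.get("headers", {}).items()}
    source = headers.get("origin") or headers.get("referer")
    if not source:
        return False, "no Origin or Referer header"
    if not same_origin(source):
        return False, "cross-site source " + source
    token = request.get("form", {}).get("csrf_token", "")
    if not hmac.compare_digest(token, issue_csrf_token(session_id)):
        return False, "missing or invalid csrf_token"
    return True, "ok"


# Constructed sample requests for a logged-in session "s-1".
SESSION = "s-1"
LEGIT = {"method": "POST", "headers": {"Origin": SITE_ORIGIN},
         "form": {"reader_id": "42", "csrf_token": issue_csrf_token(SESSION)}}
FORGED_FORM = {"method": "POST", "headers": {"Origin": "https://evil.example"},
               "form": {"reader_id": "42"}}
FORGED_GET = {"method": "GET", "headers": {"Referer": SITE_ORIGIN + "/"},
              "form": {"reader_id": "42"}}

if __name__ == "__main__":
    for name, req in [("legit", LEGIT), ("forged_form", FORGED_FORM), ("forged_get", FORGED_GET)]:
        print(name, check_reader_delete(req, SESSION))
```

The reason string is what item 6 would log and alert on: a burst of "cross-site source" or "missing or invalid csrf_token" rejections against /reader_delete.html is the detection signal for attempted exploitation.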


Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-04-26T07:03:26.551Z
Cisa Enriched
true
Cvss Version
4.0
State
PUBLISHED

Threat ID: 682d983dc4522896dcbef7bd

Added to database: 5/21/2025, 9:09:17 AM

Last enriched: 6/24/2025, 7:06:35 PM

Last updated: 7/31/2025, 12:22:37 PM

