
CVE-2025-3964: Cross-Site Request Forgery in withstars Books-Management-System

Medium
Published: Sun Apr 27 2025 (04/27/2025, 09:00:05 UTC)
Source: CVE
Vendor/Project: withstars
Product: Books-Management-System

Description

A vulnerability, which was classified as problematic, was found in withstars Books-Management-System 1.0. Affected is an unknown function of the file /api/article/del of the component Article Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

AI-Powered Analysis

Last updated: 06/24/2025, 19:06:17 UTC

Technical Analysis

CVE-2025-3964 is a Cross-Site Request Forgery (CSRF) vulnerability identified in version 1.0 of the withstars Books-Management-System, specifically affecting an unknown function within the /api/article/del endpoint of the Article Handler component. A CSRF vulnerability allows an attacker to cause an authenticated user's browser to submit a forged request to a web application, so that the application performs an action the user never intended. In this case, the endpoint accepts article deletion requests without verifying that they originate from the application itself: the attacker needs no credentials or elevated privileges of their own, because the forged request rides on the victim's existing authenticated session and requires only user interaction (e.g., visiting a malicious webpage). The vulnerability is classified as problematic with a CVSS 4.0 base score of 5.3 (medium severity), reflecting its moderate impact and ease of exploitation. Notably, the affected product version is no longer supported by the vendor, and no official patches or mitigations have been released. Although no known exploits are currently observed in the wild, the public disclosure of the vulnerability increases the risk of exploitation attempts. The vulnerability does not directly impact confidentiality or availability, but it does affect integrity by allowing unauthorized deletion of articles, potentially disrupting data consistency and user trust in the system. The attack vector is network-based with low complexity, no privileges required, and user interaction necessary, consistent with typical CSRF attack characteristics.

Potential Impact

For European organizations using the withstars Books-Management-System 1.0, this vulnerability poses a risk primarily to data integrity within the affected application. Unauthorized deletion of articles could disrupt business operations and content management workflows and lead to loss of critical information. Since the product is no longer supported, organizations cannot rely on vendor patches, which increases the exposure duration. The impact is particularly relevant for institutions relying on this system for managing publications, libraries, or knowledge bases, where data accuracy and availability are critical. While confidentiality and availability impacts are minimal, the integrity compromise could lead to reputational damage, operational delays, and increased administrative overhead to restore lost content. The requirement for user interaction means that social engineering or phishing campaigns could be leveraged to exploit this vulnerability, potentially targeting employees or users with access to the system. Given the medium severity, the threat is moderate but should not be ignored, especially in sectors with strict data governance requirements such as education, research, and public administration.

Mitigation Recommendations

Since the affected product version is no longer supported and no official patches exist, European organizations should consider the following specific mitigation strategies:

1) Implement Web Application Firewall (WAF) rules to detect and block suspicious CSRF attack patterns targeting the /api/article/del endpoint, including validation of the HTTP Referer and Origin headers.
2) Introduce custom CSRF tokens at the application or proxy level if feasible, to validate legitimate requests and reject forged ones.
3) Restrict access to the Books-Management-System API endpoints by IP whitelisting or VPN-only access to reduce exposure to external attackers.
4) Educate users about phishing and social engineering risks to reduce the likelihood of user interaction with malicious content.
5) Monitor application logs for unusual deletion requests or patterns indicative of CSRF exploitation attempts.
6) Plan and execute migration to a supported and actively maintained content management system to eliminate reliance on vulnerable legacy software.
7) If possible, isolate the affected system within a segmented network zone to limit lateral movement and data exposure.

These targeted measures go beyond generic advice by focusing on compensating controls and operational practices tailored to the unsupported nature of the product and the specific vulnerability vector.
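As an added illustration of recommendations 1 and 2 above (example code written for this page, not code from the advisory or from the Books-Management-System project), the following Python shows the check a reverse proxy or application middleware could apply in front of /api/article/del: state-changing requests must carry an Origin or Referer whose host matches the site, and must present a per-session synchronizer token. ALLOWED_HOST, the function names, and the request shape are assumptions.

```python
import hmac
import secrets
from typing import Optional, Tuple
from urllib.parse import urlsplit

# Assumption: the host the application is served from (not taken from the advisory).
ALLOWED_HOST = "books.example.internal"
# State-changing endpoints that need CSRF protection; /api/article/del is the one in the advisory.
PROTECTED_PATHS = {"/api/article/del"}
# Methods that must not change state and are therefore exempt from the check.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def issue_token() -> str:
    """Create a per-session synchronizer token: stored server-side, embedded in forms/headers."""
    return secrets.token_urlsafe(32)


def source_host(headers: dict) -> Optional[str]:
    """Host of the Origin header (preferred) or Referer; None if absent or not a URL (e.g. 'null')."""
    lowered = {k.lower(): v for k, v in headers.items()}
    for name in ("origin", "referer"):
        value = lowered.get(name)
        if value:
            return urlsplit(value).hostname
    return None


def check_csrf(method: str, path: str, headers: dict,
               submitted_token: Optional[str], session_token: Optional[str]) -> Tuple[bool, str]:
    """Decide whether a request may reach a protected endpoint. Returns (allowed, reason)."""
    if method.upper() in SAFE_METHODS or path not in PROTECTED_PATHS:
        return True, "not a protected state-changing request"
    host = source_host(headers)
    if host is None:
        # Browsers send Origin on cross-site form posts; a missing/opaque value is treated as hostile.
        return False, "missing or unusable Origin/Referer on state-changing request"
    if host != ALLOWED_HOST:
        return False, "cross-site source: " + host
    if not submitted_token or not session_token:
        return False, "missing CSRF token"
    if not hmac.compare_digest(submitted_token, session_token):
        return False, "CSRF token mismatch"
    return True, "same-origin request with valid token"


if __name__ == "__main__":
    # Constructed sample: a legitimate same-site deletion and a forged cross-site one.
    tok = issue_token()
    print(check_csrf("POST", "/api/article/del", {"Origin": "https://" + ALLOWED_HOST}, tok, tok))
    print(check_csrf("POST", "/api/article/del", {"Origin": "https://attacker.example"}, None, tok))
```

The same decision can be logged with its reason string to support recommendation 5, since every rejected deletion attempt then carries the header or token condition that failed.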


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-04-26T07:03:42.042Z
CISA Enriched: true
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 682d983dc4522896dcbef7c5

Added to database: 5/21/2025, 9:09:17 AM

Last enriched: 6/24/2025, 7:06:17 PM

Last updated: 7/28/2025, 10:26:41 AM
