CVE-2025-3964: Cross-Site Request Forgery in withstars Books-Management-System
A vulnerability, which was classified as problematic, was found in withstars Books-Management-System 1.0. Affected is an unknown function of the file /api/article/del of the component Article Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
AI Analysis
Technical Summary
CVE-2025-3964 is a Cross-Site Request Forgery (CSRF) vulnerability identified in version 1.0 of the withstars Books-Management-System, specifically affecting an unknown function within the /api/article/del endpoint of the Article Handler component. CSRF vulnerabilities allow an attacker to trick an authenticated user into submitting a forged request to a web application, potentially causing unauthorized actions without the user's consent. In this case, the vulnerability enables remote attackers to manipulate article deletion requests without requiring authentication or elevated privileges, relying only on user interaction (e.g., visiting a malicious webpage). The vulnerability is classified as problematic with a CVSS 4.0 base score of 5.3 (medium severity), reflecting its moderate impact and ease of exploitation. Notably, the affected product version is no longer supported by the vendor, and no official patches or mitigations have been released. Although no known exploits are currently observed in the wild, the public disclosure of the vulnerability increases the risk of exploitation attempts. The vulnerability does not impact confidentiality or availability directly but can affect integrity by allowing unauthorized deletion of articles, potentially disrupting data consistency and user trust in the system. The attack vector is network-based with low complexity, no privileges required, and user interaction necessary, consistent with typical CSRF attack characteristics.
Potential Impact
For European organizations using the withstars Books-Management-System 1.0, this vulnerability poses a risk primarily to data integrity within the affected application. Unauthorized deletion of articles could disrupt business operations and content management workflows and lead to loss of critical information. Since the product is no longer supported, organizations cannot rely on vendor patches, which lengthens the exposure window. The impact is particularly relevant for institutions relying on this system for managing publications, libraries, or knowledge bases, where data accuracy and availability are critical. While confidentiality and availability impacts are minimal, the integrity compromise could lead to reputational damage, operational delays, and increased administrative overhead to restore lost content. The requirement for user interaction means that social engineering or phishing campaigns could be leveraged to exploit this vulnerability, potentially targeting employees or users with access to the system. Given the medium severity, the threat is moderate but should not be ignored, especially in sectors with strict data governance requirements such as education, research, and public administration.
Mitigation Recommendations
Since the affected product version is no longer supported and no official patches exist, European organizations should consider the following specific mitigation strategies:
1. Implement Web Application Firewall (WAF) rules to detect and block suspicious CSRF attack patterns targeting the /api/article/del endpoint, including validation of the HTTP Referer and Origin headers.
2. Introduce custom CSRF tokens at the application or proxy level if feasible, to validate legitimate requests and reject forged ones.
3. Restrict access to the Books-Management-System API endpoints by IP whitelisting or VPN-only access to reduce exposure to external attackers.
4. Educate users about phishing and social engineering risks to reduce the likelihood of user interaction with malicious content.
5. Monitor application logs for unusual deletion requests or patterns indicative of CSRF exploitation attempts.
6. Plan and execute migration to a supported and actively maintained content management system to eliminate reliance on vulnerable legacy software.
7. If possible, isolate the affected system within a segmented network zone to limit lateral movement and data exposure.
These targeted measures go beyond generic advice by focusing on compensating controls and operational practices tailored to the unsupported nature of the product and the specific vulnerability vector.
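Recommendations 1 and 2 above can be combined into a single compensating check in front of the deletion endpoint. The following is an added example, not code from the Books-Management-System: it assumes a proxy or middleware that can see the request path, headers, the user's session id and a submitted token, and an assumed internal host name `books.example.internal`. Every request to /api/article/del is treated as state-changing regardless of HTTP method, because the advisory does not say which verb the endpoint accepts.

```python
import hmac
import hashlib
import secrets
from urllib.parse import urlsplit

# Hypothetical compensating control for the /api/article/del endpoint:
# reject cross-site sources via Origin/Referer, then require a CSRF token
# bound to the session with an HMAC. Constructed for this example only.
SECRET = secrets.token_bytes(32)              # per-deployment key (constructed)
ALLOWED_HOSTS = {"books.example.internal"}    # assumed host of the application
GUARDED_PATH = "/api/article/del"


def issue_token(session_id: str) -> str:
    """Token the legitimate front-end must send along with a deletion request."""
    return hmac.new(SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def _host_of(url):
    """Hostname from an Origin/Referer value; None if absent or unparsable ('null')."""
    return urlsplit(url).hostname if url else None


def check_request(method, path, headers, session_id, token):
    """Return (allowed, reason). Guards every method on the deletion endpoint."""
    if path != GUARDED_PATH:
        return True, "not guarded"
    # 1) The request must originate from this site: Origin first, Referer as fallback.
    host = _host_of(headers.get("Origin") or headers.get("Referer"))
    if host is None:
        return False, "missing Origin/Referer"
    if host not in ALLOWED_HOSTS:
        return False, f"cross-site source {host}"
    # 2) The CSRF token must match the one bound to this session (constant-time compare).
    if not token or not hmac.compare_digest(token, issue_token(session_id)):
        return False, "bad csrf token"
    return True, "ok"


if __name__ == "__main__":
    sid = "sess-123"                                   # constructed session id
    good = {"Origin": "https://books.example.internal"}
    forged = {"Origin": "https://attacker.example"}    # constructed cross-site source
    print(check_request("POST", GUARDED_PATH, good, sid, issue_token(sid)))
    print(check_request("POST", GUARDED_PATH, forged, sid, issue_token(sid)))
    print(check_request("GET", GUARDED_PATH, {}, sid, None))
```

Rejections carry a reason string so the proxy can log them, which also serves recommendation 5 (monitoring for deletion requests that fail the check).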
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-04-26T07:03:42.042Z
- CISA Enriched: true
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 682d983dc4522896dcbef7c5
Added to database: 5/21/2025, 9:09:17 AM
Last enriched: 6/24/2025, 7:06:17 PM
Last updated: 7/28/2025, 10:26:41 AM