- Description
- A vulnerability, which was classified as problematic, was found in withstars Books-Management-System 1.0. Affected is an unknown function of the file /api/article/del of the component Article Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
- CNA Tags
- unsupported-when-assigned
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Secondary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Secondary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:N
- Hype score
- Not currently trending
CVE-2025-3964 Cross-Site Request Forgery in withstars Books-Management-System 1.... https://t.co/F2hEA6ZZwg Customizable Vulnerability Alerts: https://t.co/U7998fz7yk
@VulmonFeeds
27 Apr 2025
68 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3964 A vulnerability, which was classified as problematic, was found in withstars Books-Management-System 1.0. Affected is an unknown function of the file /api/article/del o… https://t.co/p3MGM4A4af
@CVEnew
27 Apr 2025
639 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:withstars:books-management-system:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A141FEA2-F903-468D-BF48-99360A0FC0E6"
}
],
"operator": "OR"
}
]
}
]