cbcvebase.
CVE-2025-3961
published 2025-04-27

CVE-2025-3961: A vulnerability classified as problematic has been found in withstars Books-Management-System 1.0. This affects an unknown part of the file…

PriorityP421medium4.1CVSS 3.1
AVNACLPRLUIRSCCNILAN
EPSS
0.34%
25.6th percentile
A vulnerability classified as problematic has been found in withstars Books-Management-System 1.0. This affects an unknown part of the file /admin/article/add/do. The manipulation of the argument Title leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. This vulnerability only affects products that are no longer supported by the maintainer.

Affected

1 ranges
VendorProductVersion rangeFixed in
withstarsbooks-management-system

CVSS provenance

nvdv3.14.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
nvdv4.05.1MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:P/A:N
vendor_oracle9.8CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.