{"id":38166,"date":"2025-03-19T03:36:25","date_gmt":"2025-03-18T22:06:25","guid":{"rendered":"https:\/\/www.getastra.com\/blog\/?p=38166"},"modified":"2025-04-23T13:03:00","modified_gmt":"2025-04-23T07:33:00","slug":"content-spoofing-vulnerability-in-rosariosis-student-information-system","status":"publish","type":"post","link":"https:\/\/www.getastra.com\/blog\/vulnerability\/content-spoofing-vulnerability-in-rosariosis-student-information-system\/","title":{"rendered":"Content Spoofing Vulnerability in RosarioSIS\u00a0Student Information System"},"content":{"rendered":"
\n\n

Product Name:<\/strong>\u00a0RosarioSIS Student Information System
Vulnerability:<\/strong>\u00a0Content Spoofing
Vulnerable Version:\u00a0<\/strong>v12.0.0
CVE:<\/strong>\u00a0CVE-2025-29621<\/p>\n\n<\/div>\n\n\n

<\/p>\n\n\n\n

The researchers from Astra\u2019s security team, on March 4, 2025, discovered a content spoofing vulnerability in the Demo Web Application. This issue was identified in the “Theme” configuration under “My Preferences,” where improper user input validation allowed attackers to manipulate application settings.<\/p>\n\n\n\n

A content spoofing vulnerability occurs when an application fails to validate and sanitize user input, allowing attackers to alter displayed content, leading to user interface disruptions or security risks.<\/p>\n\n\n\n

Technical Breakdown<\/strong><\/h3>\n\n\n\n

How was it discovered?<\/strong><\/h4>\n\n\n\n

The vulnerability was identified when security researchers analyzed the “Theme” configuration settings in the Demo Web Application. During testing, it was observed that improper input validation allowed modification of the values[Preferences][THEME] parameter, leading to UI failures and rendering issues. This discovery highlighted a lack of input sanitization, making the application susceptible to further exploitation.<\/p>\n\n\n\n

How do we recreate this vulnerability?<\/strong><\/h4>\n\n\n\n

The issue is exploited as follows:<\/p>\n\n\n\n

    \n
  1. The user logs into the Demo Web Application.<\/li>\n\n\n\n
  2. Under the “Users” option, the “My Preferences” section is accessed.<\/li>\n\n\n\n
  3. A theme selection is made under “Display Options,” and the settings are saved.<\/li>\n\n\n\n
  4. The HTTP request containing the values[Preferences][THEME]<\/code> parameter is intercepted via Burp Suite.<\/li>\n\n\n\n
  5. The value is modified from “FlatSIS” to an arbitrary string like “111111” and forwarded.<\/li>\n\n\n\n
  6. The application processes the invalid input, leading to UI failures and unexpected behavior.<\/li>\n<\/ol>\n\n\n\n

    Impact of Content Spoofing Vulnerability<\/strong><\/h3>\n\n\n\n

    The severity of this vulnerability ranges from moderate to high, depending on the exploitation method. Potential impacts include:<\/p>\n\n\n\n