High severity8.8NVD Advisory· Published Aug 18, 2017· Updated Jun 17, 2026
CVE-2017-12881
CVE-2017-12881
Description
Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.springframework.batch:spring-batch-admin-managerMaven | < 1.3.0.RELEASE | 1.3.0.RELEASE |
Affected products
2- cpe:2.3:a:spring_batch_admin_project:spring_batch_admin:*:*:*:*:*:*:*:*Range: <=1.2.1
Patches
Vulnerability mechanics
References
4- www.openwall.com/lists/oss-security/2017/08/16/5nvdMailing ListThird Party AdvisoryWEB
- www.securityfocus.com/bid/100410nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-274r-p6v6-fhh4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-12881ghsaADVISORY
News mentions
0No linked articles in our index yet.