Maven package

org.springframework.batch/spring-batch-admin-manager

pkg:maven/org.springframework.batch/spring-batch-admin-manager

Vulnerabilities (3)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2018-1229		—	<= 2.0.0.M1	—	Mar 21, 2018	Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been
CVE-2017-12882	Med	5.4	< 1.3.0.RELEASE	1.3.0.RELEASE	Aug 18, 2017	Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality.
CVE-2017-12881	Hig	8.8	< 1.3.0.RELEASE	1.3.0.RELEASE	Aug 18, 2017	Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.

CVE-2018-1229Mar 21, 2018
affected <= 2.0.0.M1
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been
CVE-2017-12882MedAug 18, 2017
affected < 1.3.0.RELEASEfixed 1.3.0.RELEASE
Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality.
CVE-2017-12881HigAug 18, 2017
affected < 1.3.0.RELEASEfixed 1.3.0.RELEASE
Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.