First published: Wed Mar 21 2018(Updated: )
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because Spring Batch Admin has reached end of life.
Credit: security_alert@emc.com security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pivotal Software Spring Batch Admin | ||
maven/org.springframework.batch:spring-batch-admin-manager | <=2.0.0.M1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.