Vulnerabilities (CVE)

Filtered by vendor Pivotal Software Subscribe
Filtered by product Spring Batch Admin
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1230 1 Pivotal Software 1 Spring Batch Admin 2024-02-04 6.8 MEDIUM 8.8 HIGH
Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft a malicious site that executes requests to Spring Batch Admin. This issue has not been patched because Spring Batch Admin has reached end of life.
CVE-2018-1229 1 Pivotal Software 1 Spring Batch Admin 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because Spring Batch Admin has reached end of life.