org.springframework.batch:spring-batch-admin-manager
Maven3 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.springframework.batch:spring-batch-admin-managerpage 1 of 1
- CVE-2017-12881HIGHCVSS 8.8EG 8.8✓ Fixed in 1.3.0.RELEASE2017-08-18
vulnerable: 1.0.0.RELEASE, 1.2.0.RELEASE, 1.2.1.RELEASE, 1.2.2.RELEASE
Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerabil…
- CVE-2017-12882MEDIUMCVSS 5.4EG 5.4✓ Fixed in 1.3.0.RELEASE2017-08-18
vulnerable: 1.0.0.RELEASE, 1.2.0.RELEASE, 1.2.1.RELEASE, 1.2.2.RELEASE
Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality.
- CVE-2018-1229MEDIUMCVSS 6.1EG 6.12018-03-21
vulnerable: 1.0.0.RELEASE ... 1.3.1.RELEASE (6 versions)
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be execute…
Check whether org.springframework.batch:spring-batch-admin-manager is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.springframework.batch:spring-batch-admin-manager CVEs against the assets you own.
Start Free Scan →