RSS   Vulnerabilities for 'Spring batch admin'   RSS

2017-08-18
 
CVE-2017-12882

 

 
Stored Cross-site scripting (XSS) vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality.

 
 
CVE-2017-12881

 

 
Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.

 


Copyright 2024, cxsecurity.com

 

Back to Top