Описание
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because Spring Batch Admin has reached end of life.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:pivotal_software:spring_batch_admin:*:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00304
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
Cross-site Scripting in Pivotal Spring Batch Admin
EPSS
Процентиль: 53%
0.00304
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
CWE-79