2 matches found
CVE-2017-12882
Stored Cross-site scripting XSS vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality...
CVE-2017-12882
CVE-2017-12882 : Stored XSS in Spring Batch Admin pre-1.3.0 via the file upload feature. Root cause: unescaped input leading to execution of arbitrary JavaScript/HTML in authenticated user sessions. Affected: Spring Batch Admin versions before 1.3.0. Remediation: upgrade to 1.3.0 or later (patch/...