35 matches found
EUVD-2018-11863
Malware in sbrugna...
EUVD-2017-4405
Malware in sbrugna...
EUVD-2017-4406
Malware in sbrugna...
EUVD-2022-2359
Malicious code in bioql PyPI...
GHSA-49MJ-77Q5-QW5G Spring Batch Admin vulnerable to Stored Cross-site scripting (XSS) in the file upload functionality
Stored Cross-site scripting XSS vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality...
Spring Batch Admin vulnerable to Stored Cross-site scripting (XSS) in the file upload functionality
Stored Cross-site scripting XSS vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality...
Spring Batch Admin vulnerable to Cross-site request forgery (CSRF) in the file upload functionality
Cross-site request forgery CSRF vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability...
GHSA-274R-P6V6-FHH4 Spring Batch Admin vulnerable to Cross-site request forgery (CSRF) in the file upload functionality
Cross-site request forgery CSRF vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability...
com.mozu:mozu-api-jobs (>=1.0.13 <=1.0.23), gradle.plugin.com.atc.gradle.plugins.xd:spring-xd-deploy-plugin (>=0.0.1 <=0.0.8) +25 more potentially affected by CVE-2018-1229 via org.springframework.batch:spring-batch-admin-manager (>=1.3.0.RELEASE <=1.3.1.RELEASE)
org.springframework.batch:spring-batch-admin-manager MAVEN version =1.3.0.RELEASE, =1.0.13, =0.0.1, =1.3.1.RELEASE, =1.6.0.RELEASE, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.1.0.RELEASE, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.1.0.RELEASE, =1.7.3.RELEASE -...
Cross-site Scripting in Pivotal Spring Batch Admin
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because...
GHSA-4CJ8-779H-R25H Cross-site Scripting in Pivotal Spring Batch Admin
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because...
Pivotal Spring Batch Admin Cross-Site Scripting Vulnerability
Pivotal Spring Batch Admin is the U.S. Pivotal Software's set of open source tools for monitoring and managing the Spring Batch system . A cross-site scripting vulnerability exists in the file upload feature in Pivotal Spring Batch Admin. A remote attacker can exploit this vulnerability by sendin...
Cross-site Request Forgery (CSRF)
spring-batch-admin-manager is vulnerable to cross-site request forgery CSRF attacks. These attacks can be performed if a malicious website is set up that executes requests to the Spring Batch Admin...
Cross-site Scripting (XSS)
spring-batch-admin-manager is vulnerable to stored cross-site scripting XSS attacks. Attackers can inject arbitrary webscript or HTML using the file upload feature...
Cross site request forgery (csrf)
Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft a malicious site that executes requests to Spring Batch Admin. This issue has not been patched because Spring Batch Admin has reached end of life...
Cross site scripting
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because...
CVE-2018-1229
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because...
CVE-2018-1230
Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft a malicious site that executes requests to Spring Batch Admin. This issue has not been patched because Spring Batch Admin has reached end of life...
CVE-2018-1230
Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft a malicious site that executes requests to Spring Batch Admin. This issue has not been patched because Spring Batch Admin has reached end of life...
CVE-2018-1230
CVE-2018-1230 concerns a CSRF vulnerability in Pivotal Spring Batch Admin across all versions. According to the connected records, the product does not implement CSRF protections, allowing a remote unauthenticated attacker to induce a user’s browser to perform unauthorized actions against Spring ...