0.001 Low
EPSS
Percentile
22.9%
spring-batch-admin is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute malicious javascript through the file upload function.
www.openwall.com/lists/oss-security/2017/08/16/5
github.com/spring-projects/spring-batch-admin/blob/1.3.1.RELEASE/spring-batch-admin-manager/src/main/resources/org/springframework/batch/admin/web/manager/files/html/files.ftl#L64