Stored XSS Vulnerability in Pivotal Spring Batch Admin: Unpatched File Upload Exploit

Stored XSS Vulnerability in Pivotal Spring Batch Admin: Unpatched File Upload Exploit

CVE-2018-1229 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because Spring Batch Admin has reached end of life.

Learn more about our Web App Pen Testing.