Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2017/08/16/5 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/100410 | Third Party Advisory VDB Entry |
http://www.openwall.com/lists/oss-security/2017/08/16/5 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/100410 | Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 03:10
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.openwall.com/lists/oss-security/2017/08/16/5 - Mailing List, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/100410 - Third Party Advisory, VDB Entry |
Information
Published : 2017-08-18 18:29
Updated : 2024-11-21 03:10
NVD link : CVE-2017-12881
Mitre link : CVE-2017-12881
CVE.ORG link : CVE-2017-12881
JSON object : View
Products Affected
spring_batch_admin_project
- spring_batch_admin
CWE
CWE-352
Cross-Site Request Forgery (CSRF)