Vulnerability Details CVE-2017-12881
Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2017-12881
-
cpe:2.3:a:spring_batch_admin_project:spring_batch_admin:1.0.0
-
cpe:2.3:a:spring_batch_admin_project:spring_batch_admin:1.2.0