Vulnerability Details CVE-2017-12881
Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 51.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2017-12881
-
cpe:2.3:a:spring_batch_admin_project:spring_batch_admin:1.0.0
-
cpe:2.3:a:spring_batch_admin_project:spring_batch_admin:1.2.0