CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-1229

Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because Spring Batch Admin has reached end of life.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://www.securityfocus.com/bid/103462
https://pivotal.io/security/cve-2018-1229
http://www.securityfocus.com/bid/103462
https://pivotal.io/security/cve-2018-1229

Products affected by CVE-2018-1229

Pivotal Software » Spring Batch Admin » Version: Any

cpe:2.3:a:pivotal_software:spring_batch_admin:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1229

Products

Pricing

Contact Us