Description
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because Spring Batch Admin has reached end of life.
Remediation
References
https://pivotal.io/security/cve-2018-1229
http://www.securityfocus.com/bid/103462
Related Vulnerabilities
CVE-2022-29567 Vulnerability in maven package com.vaadin:vaadin
CVE-2021-32809 Vulnerability in maven package org.webjars.bowergithub.ckeditor:ckeditor4
CVE-2022-28366 Vulnerability in maven package org.codelibs:nekohtml
CVE-2021-41084 Vulnerability in maven package org.http4s:http4s-server_3
CVE-2021-29445 Vulnerability in npm package jose-node-esm-runtime