Description
Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft a malicious site that executes requests to Spring Batch Admin. This issue has not been patched because Spring Batch Admin has reached end of life.
Remediation
References
https://pivotal.io/security/cve-2018-1230
http://www.securityfocus.com/bid/103463
Related Vulnerabilities
CVE-2022-36887 Vulnerability in maven package org.jenkins-ci.plugins:jobconfighistory
CVE-2023-46660 Vulnerability in maven package org.jenkins-ci.plugins:zanata
CVE-2022-39248 Vulnerability in maven package org.matrix.android:matrix-android-sdk2
CVE-2015-8859 Vulnerability in maven package org.webjars.npm:send
CVE-2018-1000145 Vulnerability in maven package org.jvnet.hudson.plugins:perforce