CVE-2017-12881

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-12881
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12881.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-12881
Aliases
Published
2017-08-18T18:29:03.220Z
Modified
2026-04-10T03:55:08.290735Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Cross-site request forgery (CSRF) vulnerability in the Spring Batch Admin before 1.3.0 allows remote attackers to hijack the authentication of unspecified victims and submit arbitrary requests, such as exploiting the file upload vulnerability.

References

Affected packages

Git / github.com/spring-attic/spring-batch-admin

Affected ranges

Type
GIT
Repo
https://github.com/spring-attic/spring-batch-admin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
14ea5ca8848b6e383e89408f1e948d467fd3029c
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.2.1"
        }
    ]
}

Affected versions

1.*
1.2.0.RC1
1.2.1.RELEASE

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12881.json"