Description
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because Spring Batch Admin has reached end of life.
Remediation
References
http://www.securityfocus.com/bid/103462
https://pivotal.io/security/cve-2018-1229
Related Vulnerabilities
CVE-2015-5258 Vulnerability in maven package org.springframework.social:spring-social-core
CVE-2019-19771 Vulnerability in npm package dhkey
CVE-2022-33891 Vulnerability in maven package org.apache.spark:spark-core_2.12
CVE-2021-23395 Vulnerability in npm package nedb
CVE-2020-7743 Vulnerability in maven package org.webjars.bower:mathjs