Description
Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft a malicious site that executes requests to Spring Batch Admin. This issue has not been patched because Spring Batch Admin has reached end of life.
Remediation
References
http://www.securityfocus.com/bid/103463
https://pivotal.io/security/cve-2018-1230
Related Vulnerabilities
CVE-2020-13697 Vulnerability in maven package org.nanohttpd:nanohttpd-nanolets
CVE-2019-11808 Vulnerability in maven package io.ratpack:ratpack-session
CVE-2019-10361 Vulnerability in maven package org.jenkins-ci.plugins.m2release:m2release
CVE-2022-42466 Vulnerability in maven package org.apache.isis.commons:isis-commons
CVE-2018-3774 Vulnerability in maven package org.webjars.npm:url-parse