← back
CVE-2018-1229

CVE-2018-1229

EPSS 0.8%CWE-79
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
21 Mar 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because Spring Batch Admin has reached end of life.
Affected products
Spring by Pivotal · Spring Batch Admin

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://pivotal.io/security/cve-2018-1229http://www.securityfocus.com/bid/103462