CVE-2018-1230

CVE-2018-1230

Vendor Spring By Pivotal
Product Spring Batch Admin
Weakness CWE-352 · CSRF
Published March 21, 2018
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft a malicious site that executes requests to Spring Batch Admin. This issue has not been patched because Spring Batch Admin has reached end of life.

Key dates

02Disclosure timeline

March 21, 2018 CVE published
September 16, 2024 Record updated

Related vulnerabilities

04Related CVE