CVE-2017-12882

Name of the Vulnerable Software and Affected Versions Spring Batch Admin versions prior to 1.3.0

Description The issue allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality, which can lead to stored cross-site scripting (XSS) attacks.

Recommendations For versions prior to 1.3.0, update to version 1.3.0 or later to resolve the issue.