VMware offers training and certification to turbo-charge your progress.Learn more
Cross-site scripting (XSS) vulnerability in the file upload feature of Spring Batch Admin allows a remote attacker to inject arbitrary web script or HTML via a crafted request related to the file upload functionality.
Users of affected versions should apply the following mitigation:
This vulnerability was responsibly reported by Wen Bin Kong.
The VMware Security Response team provides a single point of contact for the reporting of security vulnerabilities in VMware Tanzu products and coordinates the process of investigating any reported vulnerabilities.
To report a security vulnerability in a VMware service or product please refer to the VMware Security Response Policy.