Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft a malicious site that executes requests to Spring Batch Admin. This issue has not been patched because Spring Batch Admin has reached end of life.
[
{
"product": "Spring Batch Admin",
"vendor": "Spring by Pivotal",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
]