Description

Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL.

Remediation

References

http://cordova.apache.org/announcements/2014/08/04/android-351.html

http://www.securityfocus.com/bid/69038

Related Vulnerabilities

CVE-2020-13934 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core

CVE-2022-28150 Vulnerability in maven package com.synopsys.jenkinsci:ownership

CVE-2023-30542 Vulnerability in npm package @openzeppelin/contracts-upgradeable

CVE-2018-15494 Vulnerability in maven package org.webjars.bowergithub.dojo:dojox

CVE-2019-25027 Vulnerability in maven package com.vaadin:flow-server

Severity

Critical

Classification

CWE-17

Tags

Vendor Advisory