Description

Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL.

Remediation

References

http://cordova.apache.org/announcements/2014/08/04/android-351.html

http://www.securityfocus.com/bid/69038

Related Vulnerabilities

CVE-2023-32986 Vulnerability in maven package io.jenkins.plugins:file-parameters

CVE-2019-10282 Vulnerability in maven package hudson.plugins.klaros:klaros-testmanagement

CVE-2019-1352 Vulnerability in maven package org.webjars.npm:nodegit

CVE-2022-38180 Vulnerability in maven package io.ktor:ktor-client-core

CVE-2019-10460 Vulnerability in maven package org.jenkins-ci.plugins:bitbucket-oauth

Severity

Critical

Classification

CWE-17

Tags

Vendor Advisory