NuytsTech Security

CVE-2015-5256

by ·

Apache Cordova-Android before 4.1.0, when an application relies on a remote server, improperly implements a JavaScript whitelist protection mechanism, which allows attackers to bypass intended access restrictions via a crafted URI.

Date published : 2015-11-23

http://www.securityfocus.com/bid/77677

http://www.securityfocus.com/archive/1/536944/100/0/threaded

Tags: