Back to list
[CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation
Mar 04 2014 01:18PM
iclelland chromium org
CVE-2014-0073: Apache Cordova In-App-Browser privilege escalation
The Apache Software Foundation
Cordova In-App-Browser iOS plugin from Cordova versions 2.6.0 to 2.9.0
Cordova In-App-Browser iOS standalone plugin (org.apache.cordova.inappbrowser) versions 0.1.0 to 0.3.1
An exploit was found in the InAppBrowser plugin that would allow a
problem has been fixed in the latest version of the plugin (v0.3.2). We
recommend affected projects update their plugin.
Developers using the In-App Browser plugin in their applications should
upgrade to version 0.3.2
This issue was discovered by Neil Bergman of Cigital, Inc.
[ reply ]
Copyright 2010, SecurityFocus