mailing list archives
[CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation
From: iclelland () chromium org
Date: Tue, 4 Mar 2014 13:18:12 GMT
CVE-2014-0073: Apache Cordova In-App-Browser privilege escalation
The Apache Software Foundation
Cordova In-App-Browser iOS plugin from Cordova versions 2.6.0 to 2.9.0
Cordova In-App-Browser iOS standalone plugin (org.apache.cordova.inappbrowser) versions 0.1.0 to 0.3.1
An exploit was found in the InAppBrowser plugin that would allow a
problem has been fixed in the latest version of the plugin (v0.3.2). We
recommend affected projects update their plugin.
Developers using the In-App Browser plugin in their applications should
upgrade to version 0.3.2
This issue was discovered by Neil Bergman of Cigital, Inc.
- [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation iclelland (Mar 04)