Lucene search
China National Vulnerability DatabaseCNVD-2022-71401HistoryApr 22, 2022 - 12:00 a.m.
Apache Cordova Cross-Site Scripting Vulnerability
2022-04-2200:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.005 Low
EPSS
Percentile
76.5%
A cross-site scripting vulnerability exists in Apache Cordova InAppBrowser 3.0.0 and prior versions. An attacker could exploit the vulnerability to execute arbitrary JavaScript code in the main application web view with the help of a specially crafted gap-iab:URI.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache cordova inappbrowser | le | 3.0.0 |
Related
nvd
nvd
CVE-2019-0219
2020-01-14 15:15:12
cve
cve
CVE-2019-0219
2020-01-14 15:15:12
prion
prion
Code injection
2020-01-14 15:15:00
symantec
symantec
ibm
ibm
nodejs
nodejs
Privilege Escalation
2020-01-30 20:43:55
cvelist
cvelist
CVE-2019-0219
2020-01-14 14:18:22
veracode
veracode
Privilege Escalation
2019-11-29 05:17:26
osv
osv
Privilege Escalation in cordova-plugin-inappbrowser
2020-09-04 17:57:43
github
github
Privilege Escalation in cordova-plugin-inappbrowser
2020-09-04 17:57:43
oracle
oracle
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00