Directory traversal

2019-01-0923:29:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.0%

JSON

Directory traversal vulnerability in cordova-plugin-ionic-webview versions prior to 2.2.0 (not including 2.0.0-beta.0, 2.0.0-beta.1, 2.0.0-beta.2, and 2.1.0-0) allows remote attackers to access arbitrary files via unspecified vectors.

CPENameOperatorVersion
ionic_web_viewle1.2.1
ionic_web_vieweq2.0.0
ionic_web_viewge2.0.1
ionic_web_viewlt2.2.0

Name	Operator	Version
ionic_web_view	le	1.2.1
ionic_web_view	eq	2.0.0
ionic_web_view	ge	2.0.1
ionic_web_view	lt	2.2.0

References

jvn.jp/en/jp/JVN60497148/index.html

github.com/ionic-team/cordova-plugin-ionic-webview

jvn.jp/en/jp/JVN69812763/index.html

www.npmjs.com/advisories/746