Lucene search
K

5 matches found

NVD
NVD
added 2023/07/15 7:15 p.m.43 views

CVE-2023-2507

CleverTap Cordova Plugin version 2.6.2 allows a remote attacker to execute JavaScript code in any application that is opened via a specially constructed deeplink by an attacker. This is possible because the plugin does not correctly validate the data coming from the deeplinks before using them...

9.3CVSS0.00672EPSS
Exploits1References3
Prion
Prion
added 2023/07/15 7:15 p.m.23 views

Code injection

CleverTap Cordova Plugin version 2.6.2 allows a remote attacker to execute JavaScript code in any application that is opened via a specially constructed deeplink by an attacker. This is possible because the plugin does not correctly validate the data coming from the deeplinks before using them...

5.8CVSS6.2AI score0.00672EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/15 6:45 p.m.11 views

CVE-2023-2507 CleverTap Cordova Plugin 2.6.2 - Reflected XSS

CleverTap Cordova Plugin version 2.6.2 allows a remote attacker to execute JavaScript code in any application that is opened via a specially constructed deeplink by an attacker. This is possible because the plugin does not correctly validate the data coming from the deeplinks before using them...

9.3CVSS6.8AI score0.00672EPSS
Exploits1References3
OSV
OSV
added 2023/07/15 6:45 p.m.19 views

CVE-2023-2507 CleverTap Cordova Plugin 2.6.2 - Reflected XSS

CleverTap Cordova Plugin version 2.6.2 allows a remote attacker to execute JavaScript code in any application that is opened via a specially constructed deeplink by an attacker. This is possible because the plugin does not correctly validate the data coming from the deeplinks before using them...

9.3CVSS7.1AI score0.00672EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/07/15 12:0 a.m.9 views

PT-2023-19912 · Clevertap · Clevertap Cordova Plugin

Name of the Vulnerable Software and Affected Versions: CleverTap Cordova Plugin version 2.6.2 Description: The CleverTap Cordova Plugin does not correctly validate the data coming from deeplinks before using them, allowing a remote attacker to execute JavaScript code in any application that is...

9.3CVSS6.9AI score0.00672EPSS
Exploits1References11
Rows per page
Query Builder