2 matches found
CVE-2012-6637
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist protection mechanism via a domain name that contains an acceptable name as an initial substring...
CVE-2012-6637
Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier are affected by a flaw in the domain-name whitelist check: the end of domain-name regular expressions is not anchored, allowing a domain that contains an acceptable name as an initial substring to bypass the whitelist. This is a code/...