Lucene search
K

3 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 10:31 p.m.26 views

Security Bulletin: IBM Mobile Foundation, IBM Worklight, and IBM Worklight Foundation are affected by the following Apache Cordova vulnerabilities: CVE-2014-3500, CVE-2014-3501 and CVE-2014-3502

Summary Apache Cordova, which is used by these products, is vulnerable to Cross-Application Scripting XAS and Data Exfiltration vulnerabilities. A remote attacker might exploit these vulnerabilities to expose sensitive data from the mobile application. Vulnerability Details CVEID: CVE-2014-3500...

6.4CVSS0.9AI score0.04964EPSS
Exploits0Affected Software1
CVE
CVE
added 2014/11/15 9:0 p.m.70 views

CVE-2014-3500

Apache Cordova for Android (pre-3.5.1) is vulnerable to Cross-Application Scripting via crafted Android intents that can change the start page, enabling an attacker to execute script in the victim’s browser and potentially steal cookie-based credentials. The issue stems from insufficient input va...

6.4CVSS6.5AI score0.04062EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2014/08/11 12:0 a.m.109 views

(CVE-2014-3501/2/3) Apache Cordova for Android - Multiple Vulnerabilities

Hi, We have recently discovered a severe Cross-Application Scripting XAS vulnerability in Apache Cordova for Android. This vulnerability enables theft of sensitive information from Crodova-based apps both locally by malware and also remotely by using drive-by exploitation techniques. In addition,...

6.4CVSS0.9AI score0.04964EPSS
Exploits1
Rows per page
Query Builder