CVE-2015-5204
CVE-2015-5204 affects the cordova-plugin-file-transfer for Android (versions 1.2.1 and earlier). The root cause is HTTP header injection via improper validation of the Filename argument, allowing an attacker to inject CRLF sequences and thus manipulate headers in the HTTP response. Documented imp...