Lucene search
K

27 matches found

NVD
NVD
added 2020/01/14 3:15 p.m.38 views

CVE-2019-0219

A website running in the InAppBrowser webview on Android could execute arbitrary JavaScript in the main application's webview using a specially crafted gap-iab: URI...

9.8CVSS9.2AI score0.0783EPSS
Exploits0References6
EUVD
EUVD
added 2020/01/14 2:18 p.m.6 views

EUVD-2020-0969

A website running in the InAppBrowser webview on Android could execute arbitrary JavaScript in the main application's webview using a specially crafted gap-iab: URI...

9.8CVSS9.2AI score0.0783EPSS
Exploits0References8
Cvelist
Cvelist
added 2020/01/14 2:18 p.m.34 views

CVE-2019-0219

A website running in the InAppBrowser webview on Android could execute arbitrary JavaScript in the main application's webview using a specially crafted gap-iab: URI...

9.3AI score0.0783EPSS
Exploits0References6
CVE
CVE
added 2020/01/14 2:18 p.m.112 views

CVE-2019-0219

CVE-2019-0219 affects Cordova InAppBrowser plugin in Cordova Android apps prior to version 3.1.0. A website running in the InAppBrowser webview can exploit a specially crafted gap-iab: URI to execute arbitrary JavaScript in the host app’s main webview, enabling potential privilege escalation. Doc...

9.8CVSS9.1AI score0.0783EPSS
Exploits0References6Affected Software1
Symantec
Symantec
added 2019/11/27 12:0 a.m.53 views

Apache cordova-plugin-inappbrowser CVE-2019-0219 Privilege Escalation Vulnerability

Description Apache cordova-plugin-inappbrowser is prone to a privilege-escalation vulnerability. Remote attackers can exploit this issue to gain elevated privileges or execute arbitrary code in the context of the affected application. Versions prior to Apache cordova-plugin-inappbrowser 3.1.0 are...

3.5AI score0.0783EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/02/01 12:0 a.m.8 views

The vulnerability of the CDVInAppBrowser class in Cordova In-App-Browser extensions allows a hacker to elevate their privileges and execute arbitrary JavaScript code.

The vulnerability of the CDVInAppBrowser extension in Cordova In-App-Browsers is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code and enhance their privileges through specially crafted URIs...

9.8CVSS5.9AI score0.08128EPSS
Exploits1References9Affected Software2
seebug.org
seebug.org
added 2014/03/07 12:0 a.m.30 views

Apache Cordova InAppBrowser远程权限提升漏洞

BUGTRAQ ID: 65959 CVECAN ID: CVE-2014-0073 Cordova InAppBrowser是在您使用window.open呼叫时应用内显示的Web浏览器。 Cordova 2.6.0-2.9.0版本内的Cordova InAppBrowser iOS插件、Cordova InAppBrowser iOS单机版插件0.1.0-0.3.1版本在实现上存在远程权限提升漏洞,远程攻击者可利用该漏洞提升权限,执行未授权操作。 0 Apache Group Cordova 2.6.0 - 2.9.0 厂商补丁: Apache Group ------------...

9AI score0.08128EPSS
Exploits1
Rows per page
Query Builder