Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

Veracode
Veracodeadded 2017/01/31 6:21 a.m.16 views

Bypassing Device-Resource Restrictions

Cordova is vulnerable to the bypass of intended device-resource restrictions. Leveraging on an event-based bridge, a library clone, and an IFRAME script execution, a remote attacker is able to wait for a certain amount of time for an OnJsPrompt handler return value as an alternative to correct...

7.5CVSS6.2AI score0.01857EPSS
Exploits1References10Affected Software1
Prion
Prionadded 2014/03/03 4:50 a.m.12 views

Code injection

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler...

7.5CVSS7.2AI score0.01857EPSS
Exploits1References5Affected Software2
Rows per page
Query Builder