Apache Cordova Android prior to 3.5.1 allows remote malicious users to change the start page via a crafted intent URL.
apache cordova