Apache Cordova Android prior to 3.5.1 allows remote malicious users to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache cordova 3.5.0 |