Apache Cordova Android prior to 3.7.2 and 4.x prior to 4.0.2, when an application does not set explicit values in config.xml, allows remote malicious users to modify undefined secondary configuration variables (preferences) via a crafted intent: URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache cordova 4.0.1 |
||
apache cordova 4.0.0 |
||
apache cordova |