CRLF injection vulnerability in the Apache Cordova File Transfer Plugin (cordova-plugin-file-transfer) for Android prior to 1.3.0 allows remote malicious users to inject arbitrary headers via CRLF sequences in the filename of an uploaded file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache cordova file transfer |