Apache Cordova-Android prior to 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for malicious users to conduct bridge hijacking attacks by predicting a value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache cordova |