CleverTap Cordova Plugin version 2.6.2 allows a remote malicious user to execute JavaScript code in any application that is opened via a specially constructed deeplink by an attacker. This is possible because the plugin does not correctly validate the data coming from the deeplinks before using them.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
clevertap clevertap 2.6.2 |