Privilege Escalation
Affecting cordova-plugin-inappbrowser package, versions <0.3.2
Report new vulnerabilities
Do your applications use this vulnerable package?
Test your applications
Overview
cordova-plugin-inappbrowser
is a cordova InAppBrowser Plugin.
Affected versions of the package are vulnerable to Privilege Escalation. The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrowser) before 0.3.2 for iOS and the In-App-Browser plugin for iOS from Cordova 2.6.0 through 2.9.0 does not properly validate callback identifiers, which allows remote attackers to execute arbitrary JavaScript in the host page and consequently gain privileges via a crafted gap-iab: URI.
Remediation
Upgrade cordova-plugin-inappbrowser
to version 0.3.2 or higher.
References
CVSS Score
6.5
medium severity
-
Attack VectorNetwork
-
Attack ComplexityLow
-
Privileges RequiredNone
-
User InteractionNone
-
ScopeUnchanged
-
ConfidentialityLow
-
IntegrityLow
-
AvailabilityNone
- Credit
- Neil Bergman
- CVE
- CVE-2014-0073
- CWE
- CWE-264
- Snyk ID
- npm:cordova-plugin-inappbrowser:20140219
- Disclosed
- 18 Feb, 2014
- Published
- 09 Nov, 2017