Intent URL Manipulation Vulnerability in Apache Cordova for Android
CVE-2014-3500

Currently unrated

Key Information:

Vendor: Apache
Status: Cordova
Vendor: CVE Published:; 15 November 2014

Summary

A vulnerability in Apache Cordova for Android prior to version 3.5.1 exposes applications to security risks, enabling remote attackers to manipulate the start page using crafted intent URLs. This flaw can potentially redirect users and compromise the integrity of app content, highlighting the importance of timely updates to safeguard applications against such exploits.

References

http://cordova.apache.org/announcements/2014/08/04/androi...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/69038

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Nov 15, 2014
Vulnerability Reserved
May 14, 2014