Remote Plugin Execution Vulnerability in Apache Cordova for iOS
CVE-2015-5208

4.4MEDIUM

Key Information:

Vendor

Apache
Status
Cordova
Vendor
CVE Published:
9 May 2016

What is CVE-2015-5208?

Prior to version 4.0.0, Apache Cordova for iOS is susceptible to a vulnerability that enables remote attackers to execute arbitrary plugins through crafted links. This flaw poses significant security risks as it could allow unauthorized access to sensitive functionality within the application, compromising user data and system integrity. It is crucial for developers using affected versions to implement immediate updates and proper security measures to mitigate potential exploits.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://cordova.apache.org/announcements/2016/04/27/secur...
x_refsource_CONFIRM
http://jvn.jp/en/jp/JVN41772178/index.html
third-party-advisoryx_refsource_JVN
http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000059.html
third-party-advisoryx_refsource_JVNDB

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.