CVE-2018-4943

8.8HIGH

Key Information:

Vendor
Adobe
Status
Adobe Phonegap Push Plugin 1.8.0 Earlier Versions
Vendor
CVE Published:
19 May 2018

Summary

Adobe PhoneGap Push Plugin versions 1.8.0 and earlier have an exploitable Same-Origin Method Execution vulnerability. Successful exploitation could lead to JavaScript code execution in the context of the PhoneGap app.

Affected Version(s)

Adobe PhoneGap Push Plugin 1.8.0 earlier Adobe PhoneGap Push Plugin 1.8.0 earlier versions

References

https://helpx.adobe.com/security/products/phonegap/apsb18...
x_refsource_MISC
http://www.securityfocus.com/bid/103710
vdb-entryx_refsource_BID

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.