Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2) with the XMLHttpRequest method by a crafted application.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Adobe PhoneGap 权限许可和访问控制漏洞
Vulnerability Description
Adobe PhoneGap是美国奥多比(Adobe)公司的一套开源的开发框架,它的作用是让开发者使用HTML、Javascript、CSS等Web APIs开发跨平台的移动设备应用程序。 Android平台上的Adobe PhoneGap 2.5.0及之前的版本中存在安全漏洞,该漏洞源于程序错误的使用‘shouldOverrideUrlLoading’回调。远程攻击者可利用该漏洞绕过既定的设备资源限制。
CVSS Information
N/A
Vulnerability Type
N/A