Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2) with the XMLHttpRequest method by a crafted application.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apache Cordova和Adobe PhoneGap权限许可和访问控制漏洞
Vulnerability Description
Adobe PhoneGap是美国奥多比(Adobe)公司的一套开源的开发框架。Apache Cordova是美国阿帕奇(Apache)软件基金会的一套可使用HTML、CSS和JavaScript开发移动应用程序的平台,也是驱动PhoneGap的核心引擎。 基于Windows Phone 7和8版本上的Apache Cordova 3.3.0及之前的版本和Adobe PhoneGap 2.9.0及之前的版本中存在安全漏洞,该漏洞源于程序没有正确处理‘navigation’事件。远程攻击者可利用该漏洞绕过既
CVSS Information
N/A
Vulnerability Type
N/A