Vulnerabilities > Apache > Cordova > 3.9.1

DATE CVE VULNERABILITY TITLE RISK
2016-05-09 CVE-2015-5208 Improper Input Validation vulnerability in Apache Cordova 2.6.0/2.9.0/3.9.1
Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link.
network
apache CWE-20
4.3
4.3
2016-05-09 CVE-2015-5207 Improper Access Control vulnerability in Apache Cordova 2.6.0/2.9.0/3.9.1
Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL whitelist protection mechanism in an app and load arbitrary resources by leveraging unspecified methods.
network
low complexity
apache CWE-284
7.5
7.5