Description
Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView.
Remediation
References
http://www.securityfocus.com/bid/69041
http://cordova.apache.org/announcements/2014/08/04/android-351.html
Related Vulnerabilities
CVE-2016-2175 Vulnerability in maven package org.apache.pdfbox:preflight-app
CVE-2021-26291 Vulnerability in maven package org.apache.maven:apache-maven
CVE-2018-1000198 Vulnerability in maven package com.blackducksoftware.integration:blackduck-hub
CVE-2016-3102 Vulnerability in maven package org.jenkins-ci.plugins:script-security