Apache Cordova Android WebView HTTP Whitelist Bypass Vulnerability

Apache Cordova Android WebView HTTP Whitelist Bypass Vulnerability

CVE-2014-3501 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView.

Learn more about our Cis Benchmark Audit For Google Android.