CRLF Injection Vulnerability in Apache Cordova File Transfer Plugin

CRLF Injection Vulnerability in Apache Cordova File Transfer Plugin

CVE-2015-5204 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

CRLF injection vulnerability in the Apache Cordova File Transfer Plugin (cordova-plugin-file-transfer) for Android before 1.3.0 allows remote attackers to inject arbitrary headers via CRLF sequences in the filename of an uploaded file.

Learn more about our Cis Benchmark Audit For Apache Http Server.