CRLF Injection Vulnerability in Apache Cordova File Transfer Plugin
CVE-2015-5204 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
CRLF injection vulnerability in the Apache Cordova File Transfer Plugin (cordova-plugin-file-transfer) for Android before 1.3.0 allows remote attackers to inject arbitrary headers via CRLF sequences in the filename of an uploaded file.
Learn more about our Cis Benchmark Audit For Apache Http Server.