cordova-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sahil (JIRA)" <>
Subject [jira] [Created] (CB-12430) URL Redirection to Untrusted Site ('Open Redirect')
Date Tue, 07 Feb 2017 06:55:41 GMT
Sahil created CB-12430:

             Summary: URL Redirection to Untrusted Site ('Open Redirect') 
                 Key: CB-12430
             Project: Apache Cordova
          Issue Type: Bug
            Reporter: Sahil

In VARACODE Scan of android Application following flaw was observed.
Attack Vector: android.webkit.WebView.loadUrl

Description: This call to android.webkit.WebView.loadUrl() contains a URL redirection to untrusted
site flaw. Writing unsanitized user-supplied input into a URL value could cause the web application
to redirect the request to the specified URL, leading to phishing attempts to steal user credentials.

This message was sent by Atlassian JIRA

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message