Medium
CVSS 4.3
Overview
Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView.
CVE-2014-3501
Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP w...
Risk analysis
This vulnerability is rated 🟡 MEDIUM.
- CVSS: 4.3 (MEDIUM)
- Detected tags: none (tag impact: LOW)
Recommended actions:
- Prioritize remediation based on business criticality and exposure.
- Limit exposure and increase monitoring until fixed.