Ajay Gupta created CB-11899:
-------------------------------
Summary: Veracode security vulnerability: Exposed Dangerous method or Function
Key: CB-11899
URL: https://issues.apache.org/jira/browse/CB-11899
Project: Apache Cordova
Issue Type: Bug
Components: CordovaJS
Reporter: Ajay Gupta
Priority: Critical
In a recent Veracode scan of one of the mobile applications, we found a high
level vulnerability in Cordova.
Exposed Dangerous Method or Function (CWE ID 749)
Description: The application provides an API or similar interface to a
dangerous method or function that is not properly restricted. Recommendation
is to restrict the exposed API, or avoid using the classes that exhibit the
behavior.
Instances found during static scan: .../SystemWebViewEngine.java: 259