[jira] [Updated] (CB-12430) URL Redirection to Untrusted Site ('Open Redirect')

Shazron Abdullah (JIRA) Mon, 27 Feb 2017 20:21:07 -0800

     [ 
https://issues.apache.org/jira/browse/CB-12430?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Shazron Abdullah updated CB-12430:
----------------------------------
    Component/s: Android

> URL Redirection to Untrusted Site ('Open Redirect') 
> ----------------------------------------------------
>
>                 Key: CB-12430
>                 URL: https://issues.apache.org/jira/browse/CB-12430
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: Android
>            Reporter: Sahil
>            Assignee: Shazron Abdullah
>
> In VARACODE Scan of android Application following flaw was observed.
> Attack Vector: android.webkit.WebView.loadUrl
> Description: This call to android.webkit.WebView.loadUrl() contains a URL 
> redirection to untrusted site flaw. Writing unsanitized user-supplied input 
> into a URL value could cause the web application to redirect the request to 
> the specified URL, leading to phishing attempts to steal user credentials.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Updated] (CB-12430) URL Redirection to Untrusted Site ('Open Redirect')

Reply via email to