[jira] [Resolved] (CB-12430) URL Redirection to Untrusted Site ('Open Redirect')

Joe Bowser (JIRA) Fri, 07 Apr 2017 14:55:37 -0700

     [ 
https://issues.apache.org/jira/browse/CB-12430?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Joe Bowser resolved CB-12430.
-----------------------------
    Resolution: Invalid

This is vague, and we don't have any more information regarding this Varacode 
scan.  Closing until we get more information.

> URL Redirection to Untrusted Site ('Open Redirect') 
> ----------------------------------------------------
>
>                 Key: CB-12430
>                 URL: https://issues.apache.org/jira/browse/CB-12430
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: Android
>            Reporter: Sahil
>
> In VARACODE Scan of android Application following flaw was observed.
> Attack Vector: android.webkit.WebView.loadUrl
> Description: This call to android.webkit.WebView.loadUrl() contains a URL 
> redirection to untrusted site flaw. Writing unsanitized user-supplied input 
> into a URL value could cause the web application to redirect the request to 
> the specified URL, leading to phishing attempts to steal user credentials.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Resolved] (CB-12430) URL Redirection to Untrusted Site ('Open Redirect')

Reply via email to