Adobe PhoneGap Push Plugin CVE-2018-4943 Security Bypass Vulnerability

Adobe PhoneGap Push Plugin is prone to an security-bypass vulnerability.

An attacker can exploit this issue to bypass certain same-origin policy restrictions and obtain sensitive information; this may aid in launching further attacks.

Adobe PhoneGap Push Plugin 1.8.0 and prior versions are vulnerable.

Information

Bugtraq ID: 103710
Class: Unknown
CVE: CVE-2018-4943

Remote: Yes
Local: No
Published: Apr 10 2018 12:00AM
Updated: Apr 10 2018 12:00AM
Credit: Juho Nurminen of 2NS - Second Nature Security Oy
Vulnerable:

Not Vulnerable:

Exploit

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vhttp://

References:

Adobe Homepage (Adobe)
Adobe PhoneGap Homepage (Adobe)
APSB18-15: Security update available for the Adobe PhoneGap Push Plugin | APSB1 (Adobe)

Source: www.securityfocus.com

Exploit Collector

Search Exploit