CVE-2014-0073

Name of the Vulnerable Software and Affected Versions Apache Cordova In-App-Browser standalone plugin versions prior to 0.3.2 In-App-Browser plugin for iOS from Cordova versions 2.6.0 through 2.9.0

Description The issue is related to the CDVInAppBrowser class, which does not properly validate callback identifiers. This allows remote attackers to execute arbitrary JavaScript in the host page, potentially gaining privileges via a crafted gap-iab: URI. The vulnerability is associated with insufficient access control, enabling a remote attacker to execute arbitrary JavaScript code and elevate their privileges using a specially crafted URI.

Recommendations For Apache Cordova In-App-Browser standalone plugin versions prior to 0.3.2, update to version 0.3.2 or later. For In-App-Browser plugin for iOS from Cordova versions 2.6.0 through 2.9.0, consider disabling the CDVInAppBrowser class until a patch is available, or restrict access to the gap-iab: URI to minimize the risk of exploitation.