CVE-2015-5208
MEDIUMApache Cordova iOS <4.0.0 - RCE
Title source: llmDescription
Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link.
References (6)
Scores
CVSS v3
4.4
EPSS
0.0180
EPSS Percentile
82.6%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Classification
CWE
CWE-20
Status
draft
Affected Products (1)
apache/cordova
< 3.9.1
Timeline
Published
May 09, 2016
Tracked Since
Feb 18, 2026