CVE-2018-16202
Description
Directory traversal vulnerability in cordova-plugin-ionic-webview versions prior to 2.2.0 (not including 2.0.0-beta.0, 2.0.0-beta.1, 2.0.0-beta.2, and 2.1.0-0) allows remote attackers to access arbitrary files via unspecified vectors.
CWE
- (none)
Affected
- npm, Inc. / cordova-plugin-ionic-webview — v=versions prior to 2.2.0 (not including 2.0.0-beta.0, 2.0.0-beta.1, 2.0.0-beta.2, and 2.1.0-0) [affected]
CVSS
- (none)
References
- https://jvn.jp/en/jp/JVN69812763/index.html third-party-advisory, x_refsource_JVN
- https://github.com/ionic-team/cordova-plugin-ionic-webview x_refsource_MISC
- https://www.npmjs.com/advisories/746 x_refsource_MISC
- http://jvn.jp/en/jp/JVN60497148/index.html third-party-advisory, x_refsource_JVN
Source
cvelistV5-main/cves/2018/16xxx/CVE-2018-16202.json