CRLF injection vulnerability in the Apache Cordova File Transfer Plugin (cordova-plugin-file-transfer) for Android before 1.3.0 allows remote attackers to inject arbitrary headers via CRLF sequences in the filename of an uploaded file.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2015-12-17T19:00:00
Updated: 2024-08-06T06:41:08.135Z
Reserved: 2015-07-01T00:00:00
Link: CVE-2015-5204
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2015-12-17T19:59:01.417
Modified: 2015-12-18T18:04:49.617
Link: CVE-2015-5204
Redhat
No data.