CVE-2018-4943

EUVD-2018-16728
Adobe PhoneGap Push Plugin versions 1.8.0 and earlier have an exploitable Same-Origin Method Execution vulnerability. Successful exploitation could lead to JavaScript code execution in the context of the PhoneGap app.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
Affected Products (NVD)
VendorProductVersion
adobepush_notifications
𝑥
≤ 1.8.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/103710
https://helpx.adobe.com/security/products/phonegap/apsb18-15.html
http://www.securityfocus.com/bid/103710
https://helpx.adobe.com/security/products/phonegap/apsb18-15.html