Security flaw in the Apache Cordova developer framework could allow for malicious injections into Android apps.
A serious security glitch has been found inside the gear APIs used to develop Android applications.
The APIs give a Javascript library to appeal to different functions.
The damage of the modifications can range from crashing the apps completely to causing annoyance for app users.
Labelled asCVE-2015-1835, the security susceptibility does require particular conditions to make full use of.
Most Cordova-based apps do extend the CordovaActivity and very few explicitly define all preferences in their configuration.
To fix these security issues, Cordova is releasing version 4.0.2. of the API set.
Other platforms are believed not to be influenced by the susceptibility.
source: www.techworm.net
