Security Advisory

CVE-2023-2507

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-15 18:45:18

Last updated 2025-09-24 14:10:13

Assigner Fluid Attacks

State PUBLISHED

Description

CleverTap Cordova Plugin version 2.6.2 allows a remote attacker to execute JavaScript code in any application that is opened via a specially constructed deeplink by an attacker. This is possible because the plugin does not correctly validate the data coming from the deeplinks before using them.

← Browse all CVEs View on cve.org ↗