Jigbrowser
CVE-2014-5318
MEDIUM
Severity by source
AV:N/AC:M/Au:N/C:P/I:P/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:M/Au:N/C:P/I:P/A:N
Lifecycle Timeline
1DescriptionCVE.org
The jigbrowser+ application 1.8.1 and earlier for iOS allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
AnalysisAI
The jigbrowser+ application 1.8.1 and earlier for iOS allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-264. The jigbrowser+ application 1.8.1 and earlier for iOS allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code. Affected products include: Jig Jigbrowser\+.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Jigbrowser
View allThe jigbrowser+ application before 1.6.4 for Android does not properly open windows, which allows remote attackers to sp
The jigbrowser+ application before 1.5.0 for Android does not properly implement the WebView class, which allows remote
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today