CVE-2019-0219: Privilege Escalation in cordova-plugin-inappbrowser

Severity: Critical

CVSS Score: 9.8

A website running in the InAppBrowser webview on Android could execute arbitrary JavaScript in the main application's webview using a specially crafted gap-iab: URI.