Troubleshooting
Problem
Resolving The Problem
AppScan is testing for these vulnerabilities by testing the Cordova version number. For the version of Cordova shipped with MobileFirst Platform Foundation V7.1, this is an unreliable method of testing for the presence of a Cordova vulnerability, and may produce misleading results. There is an older version of Cordova with MobileFirst Platform 7.1, but when Cordova vulnerabilities are published, the fixes are backported into the version of Cordova, without changing the Cordova version number. The Cordova version is not updated when interim fixes are published, due to the risk of breaking existing applications. Therefore, the actual Cordova version used with the product is not changed except between major releases.
Was this topic helpful?
Document Information
Modified date:
24 January 2020
UID
swg21989966