The vulnerability in the Apache Cordova app framework allows attackers to modify the behavior of apps just by clicking a URL. The extent of the modifications can range from causing nuisance for app users to crashing the apps completely. This high-severity vulnerability affects all versions of Apache Cordova up to 4.0.1. Apache has released a security bulletin confirming the vulnerability. This means that majority of Cordova-based apps, which accounts for 5.6% of all apps in Google Play, are prone to exploits.
Read more here – http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-apache-vulnerability-that-allows-one-click-modification-of-android-apps/