2020-01-14 14:18:22
apache
PUBLISHED
A website running in the InAppBrowser webview on Android could execute arbitrary JavaScript in the main applications webview using a specially crafted gap-iab: URI.