CAPEC-503: WebView Exposure
ID
CAPEC-503
Status
Draft
An adversary, through a malicious web page, accesses application specific functionality by leveraging interfaces registered through WebView's addJavascriptInterface API. Once an interface is registered to WebView through addJavascriptInterface, it becomes global and all pages loaded in the WebView can call this interface.
Weaknesses
# ID | Name | Type |
---|---|---|
CWE-284 | Improper Access Control | weakness |