Webview Cross-app Scripting Vulnerability 해결방법 / 교차 앱 스크립팅 취약점 문제 해결하기 > 기술자료

• 목록

Hello Google Play Developer,

We reviewed ************, with package name **.**.****.***, and found that your app uses software that contains security vulnerabilities for users. Apps with these vulnerabilities can expose user information or damage a user’s device, and may be considered to be in violation of our Malicious Behavior policy.

Below is the list of issues and the corresponding APK versions that were detected in your recent submission. Please migrate your apps to use the updated software as soon as possible and increment the version number of the upgraded APK.

Vulnerability	APK Version(s)	Deadline to fix
Cross-app Scripting Your app(s) are using a WebView that is vulnerable to cross-app scripting. To address this issue, follow the steps in this Google Help Center article.	3	March 17, 2020

Vulnerability

APK Version(s)

Deadline to fix

To confirm you’ve upgraded correctly, submit the updated version of your app to the Play Console and check back after five hours. We’ll show a warning message if the app hasn’t been updated correctly.

While these vulnerabilities may not affect every app, it’s best to stay up to date on all security patches.

If you have technical questions about the vulnerability, you can post to Stack Overflow and use the tag “android-security.” For clarification on steps you need to take to resolve this issue, you can contact our developer support team.

Best,

The Google Play Team

앱을 등록후 구글에서 아래의 내용으로 메일을 수신했습니다.
크로스앱스크립팅에 웹뷰가 취약한 상태라고 그것을 해결하라는 내용입니다.


관련해서 검색하니 아래의 링크에 해결방법이 정리가 되어 있네요.


관련자료
http://trandent.com/article/android/detail/319341