SAP Knowledge Base Article - Preview

2096810 - SMP: Security Alert on Google Play for HWC


  1. A custom HWC 2.3.4 and earlier has been submitted to the Google Play store
  2. Google has returned the following security alert:
    Security alert
    This app is build on a version of Apache Cordova that contains security vulnerabilities.  This includes a high severity cross-application scripting (XAS) vulnerability.  Under certain cirucmstances, vulnerable apps could be remotely exploited to steal sensitive information, such as user login credentials.
    You should upgrade to Apache Cordova v3.5.1 or higher as soon as possible.  For more information about the vulnerabilities, and for guidance on upgrading Apache Cordova, please see htttp://
    Please note, applications with vulnerabilities that expose users to risk of compromise may be considered "dangerous products" and subject to removal from Google Play.



  • SMP (SAP Mobile Platform) HWC (Hybrid Web Container) 2.3 and earlier


SAP Mobile Platform 2.3


KBA , MOB-SUP-SDK , Mobile SDK , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.