Lightweight vault and password manager for Android, KeePassDX allows editing encrypted data in a single file in KeePass format and fill in the forms in a secure way.
In the ImmuniWeb report available at this URL, a security flaw has been identified that I find challenging to comprehend:
The flaw is labelled as JS CORS ENABLED IN WEBVIEW with a severity rating of M10 and associated with CWE-749.
Hence, my inquiry revolves around two points:
Does KeePassDX utilize WebView?
Is this flaw triggered specifically when interacting with a link field within the application ?
In the ImmuniWeb report available at this URL, a security flaw has been identified that I find challenging to comprehend:
The flaw is labelled as
JS CORS ENABLED IN WEBVIEW
with a severity rating of M10 and associated with CWE-749. Hence, my inquiry revolves around two points:Does KeePassDX utilize WebView? Is this flaw triggered specifically when interacting with a link field within the application ?