Closed shivasurya closed 1 month ago
/** * @name Android WebView JavaScript settings * @description Enabling JavaScript execution in a WebView can result in cross-site scripting attacks. * @kind problem * @id java/android/websettings-javascript-enabled * @problem.severity warning * @security-severity 6.1 * @precision medium * @tags security * external/cwe/cwe-079 */ FIND method_invocation WHERE name = 'setJavaScriptEnabled' AND argumentname = 'true'