I recently received this message from Google:
[quote:2v50yeei]This is a notification that your <app package name, in this case a few of my apps that were created compiled with Crosswalk>, is built on a version of Apache Cordova that contains security vulnerabilities. This includes a high severity cross-application scripting (XAS) vulnerability. Under certain circumstances, vulnerable apps could be remotely exploited to steal sensitive information, such as user login credentials.
You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible. For more information about the vulnerabilities, and for guidance on upgrading Apache Cordova, please see http://cordova.apache.org/announcements ... d-351.html.
Please note, applications with vulnerabilities that expose users to risk of compromise may be considered â€œdangerous productsâ€ and subject to removal from Google Play.
Google Play Team
Â©2014 Google Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043
Email preferences: You have received this mandatory email service announcement to update you about important issues relating to your Google Play account.
IntelRobert I'm not sure how this works, does Crosswalk use Apache Cordova 3.5.1 or an earlier version? I'm having a hard time locating in the Intel XDK where it would say. Do you know anything about this issue and if we can fix it in our projects yet?