CVE-2025-27388 Information

Description

Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens.

Reference

https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1955879800426209280

Related CNNVD

CNNVD-202508-1496 (Published: 2025-08-14)