Security Alert: Apache Cordova vulnerabilities in your Google Play app

[Deon]

Hi

I received this from Google today. Please advise urgently.

This is a notification that your io.appery.project110622, io.appery.project169710, io.appery.project170761, is built on a version of Apache Cordova that contains security vulnerabilities. This includes a high severity cross-application scripting (XAS) vulnerability. Under certain circumstances, vulnerable apps could be remotely exploited to steal sensitive information, such as user login credentials.
You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible. For more information about the vulnerabilities, and for guidance on upgrading Apache Cordova, please see http://cordova.apache.org/announcemen....
Please note, applications with vulnerabilities that expose users to risk of compromise may be considered “dangerous products” and subject to removal from Google Play.
Regards,
Google Play Team
©2014 Google Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043

[Illya Stepanov]

Hi Deon,

We are aware of this situation. It is planned to upgrade Cordova version in a nearest time.

[Deon]

Thank you

I am not receiving any notifications regarding changes etc in appery or important updates.

Please can this be done?

Thanks

[Illya Stepanov]

Could you please clarify what notifications do you mean?

[Maryna Brodina]

Hello!

Sorry, do you want to upgrade your app to the new builder?

http://devcenter.appery.io/documentat...

[Deon]

Will it fix the issue?

[Maryna Brodina]

No unfortunately. We are planning to update Cordova version in a few weeks.

[JorgeJones]

I am receiving this error as well. Has the Cordova version been updated?

[Illya Stepanov]

Hi - Could you please clarify what Libraries version you're using in your build?
:: http://devcenter.appery.io/documentat...

[JorgeJones]

Ah, thanks. It was the default (v1.1), but I just updated to v2.1 and I expect that'll fix the issue.