Security researchers at Trend Micro Security firm discovered that 1 in 20 Android apps open to attack due to a flaw in the Apache Cordova API Framework. The vulnerability was confirmed also by Apache that issued a security bulletin: We are releasing version 4.0.2 of Cordova Android to address these security issues. The flaw resides in the way the Cordova. vulnerability can be exploited for a number of purposes, including tampering with the UIs appearance, injecting texts, pop-ups, and splash screens, modifying basic features implemented by the app.”]
Source: https://securityaffairs.co/wordpress/37286/hacking/flaw-cordova-api-framework.html