Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable. No vendor patch available.
Google
XSS
Warp
NVD
GitHub
CVSS 3.1
3.7
EPSS
0.2%