Vendor Responses
Vendor Responses
For each APINA flaw reported in section III, we selectively show responses from host app vendors as follows.
For each APINA flaw reported in section III, we selectively show responses from host app vendors as follows.
1. Apple acknowledged the Safari's Prominent UI confusion (Sub-window Deception flaw, section III-B)
2. Wechat acknowledged the escaped sub-app API (System Resource Exposure flaw, see section III-A)
3. Wechat acknowledged mobile Wallet UI confusion (Sub-window Deception flaw, section III-B)
4. Wechat acknowledged the Sub-app Lifecycle Hijacking flaw (section III-C)
5. Alipay acknowledged the escaped sub-app API (System Resource Exposure flaw, see section III-A), mobile Wallet UI confusion (Sub-window Deception flaw, see Section III-B) and Sub-app Lifecycle Hijacking flaw (section III-C).