Webviews were observed that do not disable access to application files. If the WebView does not require loading content from the local filesystem of the application, this setting should be disabled. Likelihood: LOW Confidence: HIGH CWE: - CWE-272: Least Privilege Violation