Your security testers are not analyzing your app’s code, they are using a security scanner that gets false positives coming from system frameworks (created by Apple) that most apps use.
Not Cordova nor Capacitor use _sscanf nor _fopen anywhere.
Your security testers are not analyzing your app’s code, they are using a security scanner that gets false positives coming from system frameworks (created by Apple) that most apps use.
Not Cordova nor Capacitor use _sscanf nor _fopen anywhere.