We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent ab56023 commit 596cfd3Copy full SHA for 596cfd3
java/ql/src/Security/CWE/CWE-266/IntentUriPermissionManipulation.ql
@@ -1,8 +1,7 @@
1
/**
2
* @name Intent URI permission manipulation
3
- * @description When an externally provided Intent is returned to an Activity via setResult,
4
- * a malicious application could use this to grant itself permissions to access
5
- * arbitrary Content Providers that are accessible by the vulnerable application.
+ * @description Returning an externally provided Intent via setResult may allow a malicious
+ * application to access arbitrary Content Providers of the vulnerable application.
6
* @kind path-problem
7
* @problem.severity error
8
* @security-severity 7.8
0 commit comments