Skip to content

Commit 596cfd3

Browse files
committed
Improve description
1 parent ab56023 commit 596cfd3

File tree

1 file changed

+2
-3
lines changed

1 file changed

+2
-3
lines changed

java/ql/src/Security/CWE/CWE-266/IntentUriPermissionManipulation.ql

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,7 @@
11
/**
22
* @name Intent URI permission manipulation
3-
* @description When an externally provided Intent is returned to an Activity via setResult,
4-
* a malicious application could use this to grant itself permissions to access
5-
* arbitrary Content Providers that are accessible by the vulnerable application.
3+
* @description Returning an externally provided Intent via setResult may allow a malicious
4+
* application to access arbitrary Content Providers of the vulnerable application.
65
* @kind path-problem
76
* @problem.severity error
87
* @security-severity 7.8

0 commit comments

Comments
 (0)