Added severity

Removed duplicated code

Author: atorralba

java/ql/lib/semmle/code/java/security/IntentUriPermissionManipulation.qll

@@ -51,9 +51,6 @@ private class IntentFlagsOrDataChangedSanitizer extends IntentUriPermissionManip
       TaintTracking::localExprTaint(any(GrantWriteUriPermissionFlag f).getAnAccess(),
         ma.getArgument(0))
       or
-      ma.getMethod() = m and
-      m.getDeclaringType() instanceof TypeIntent and
-      this.asExpr() = ma.getQualifier() and
       m.hasName("setFlags") and
       not TaintTracking::localExprTaint(any(GrantUriPermissionFlag f).getAnAccess(),
         ma.getArgument(0))

java/ql/src/Security/CWE/CWE-266/IntentUriPermissionManipulation.ql

@@ -5,6 +5,7 @@
  *              arbitrary Content Providers that are accessible by the vulnerable application.
  * @kind path-problem
  * @problem.severity error
+ * @security-severity 7.8
  * @precision high
  * @id java/android/intent-uri-permission-manipulation
  * @tags security