Update docs

Author: joefarebrother

java/ql/src/Security/CWE/CWE-927/SensitiveBroadcast.qhelp

@@ -2,8 +2,8 @@
 <qhelp>
 
   <overview>
-    <p>Broadcast intents in an Android application are visible to all applications installed on the same mobile device, exposing all sensitive information they contain.</p>
-    <p>Broadcasts are vulnerable to passive eavesdropping or active denial of service attacks when an intent is broadcast without specifying any receiver permission or receiver application.</p>
+    <p>When an implicit intent is broadcast in an Android application, if no reciever application or reciever permission is specified, it is visible to all applications installed on the same mobile device, exposing all sensitive information they contain.</p>
+    <p>This means that broadcasts that don't specify this are vulnerable to passive eavesdropping or active denial of service attacks.</p>
   </overview>
 
   <recommendation>
@@ -22,10 +22,6 @@
   </example>
 
   <references>
-    <li>
-      CWE:
-      <a href="https://cwe.mitre.org/data/definitions/927.html">CWE-927: Use of Implicit Intent for Sensitive Communication</a>
-    </li>
     <li>
       Android Developers:
       <a href="https://developer.android.com/guide/components/broadcasts">Security considerations and best practices for sending and receiving broadcasts</a>
@@ -46,5 +42,8 @@
       Android Developers:
       <a href="https://developer.android.com/topic/libraries/architecture/livedata">Android LiveData Overview</a>
     </li>
+    <li>
+      Oversecured: 
+      <a href="https://blog.oversecured.com/Interception-of-Android-implicit-intents/">Interception of Android implicit intents</a>
   </references>
 </qhelp>

java/ql/src/Security/CWE/CWE-927/SensitiveBroadcast.ql

@@ -6,7 +6,7 @@
  * @kind path-problem
  * @problem.severity warning
  * @precision medium
- * @id java/sensitive-broadcast
+ * @id java/android/sensitive-broadcast
  * @tags security
  *       external/cwe/cwe-927
  */