You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In lots of apk there are some activities/receivers/services which are exported but nothing malicious is possible from them like net.openid.appauth.RedirectUriReceiverActivity this activity is used by many applications for oauth functionality.
Now, this is not vulnerable because they don't use webview(:cry:) instead of open everything in the external browser and we know that anything out of the context of app is not in scope of the bounty.
There are many other activities/receivers/services which have this kind of nature. It would be nice if we get rid of them.
The text was updated successfully, but these errors were encountered:
In lots of apk there are some activities/receivers/services which are exported but nothing malicious is possible from them like
net.openid.appauth.RedirectUriReceiverActivity
this activity is used by many applications for oauth functionality.Now, this is not vulnerable because they don't use
webview
(:cry:) instead of open everything in the external browser and we know that anything out of the context of app is not in scope of the bounty.There are many other activities/receivers/services which have this kind of nature. It would be nice if we get rid of them.
The text was updated successfully, but these errors were encountered: