Hi, while doing some analysis on your app, we discovered that an explicit intent sent to BroadcastReceiverWebLink could bypass the requirement set in the intent-filter (the data is not validated). It's highly recommend to validate the data in case the broadcast receiver is directly targeted using explicit intents.
More over, data passed from another (potentially malicious) app is used as URL (Malicious app can use your app as a proxy to leak sensitive information).
Hi, while doing some analysis on your app, we discovered that an explicit intent sent to BroadcastReceiverWebLink could bypass the requirement set in the intent-filter (the data is not validated). It's highly recommend to validate the data in case the broadcast receiver is directly targeted using explicit intents.
More over, data passed from another (potentially malicious) app is used as URL (Malicious app can use your app as a proxy to leak sensitive information).
Best