search

pharshdev / sms_user_consent

Flutter plugin that implements Android's SMS User Consent API
MIT License
9 stars 26 forks source link

Google play store Vulnerability detection because of startActivityForResult #11

Open mhbdev opened 1 year ago

mhbdev commented 1 year ago

I was trying to upload a version of my application to google play and faced this:

Your app(s) are vulnerable to Intent Redirection. To address this issue, follow the steps in this Google Help Center article. q3.b$b.onReceive androidx.activity.ComponentActivity.startActivityForResult While these vulnerabilities may not affect every app, it’s best to stay up to date on all security patches.

I think it is referring to this part of code: mActivity.startActivityForResult(extras.getParcelable(SmsRetriever.EXTRA_CONSENT_INTENT), SMS_CONSENT_REQUEST)

alok-xseed commented 1 year ago

+1

emre86t commented 8 months ago

+1 I received the same error message from Google Play and I request you to fix this error immediately. @pharshdev @Tetsukick https://github.com/pharshdev/sms_user_consent/pull/13 @Tetsukick

image

danijorda1 commented 6 months ago

anyone solved this?

sagarZodage commented 1 month ago

@emre86t Are you able to fix above issue.

Screenshot 2024-09-26 at 12 38 34 PM
emre86t commented 1 month ago

We fixed this issue with using "smart_auth: ^2.0.0" instead of "sms_user_consent_manager: ^1.1.2". You can use "smart_auth: ^2.0.0".