Security Error with android:exported=true #2938

nmanikiran · 2020-07-24T12:05:42Z

Expected Behaviour

Set the android:exported=true => android:exported = false

Actual Behaviour

getting below security errors
android:exported=true is set.

Severity: High

1:com.adobe.phonegap.push.FCMService
2:com.adobe.phonegap.push.PushInstanceIDListenerService
3:com.google.firebase.messaging.FirebaseMessagingService
4:com.google.firebase.iid.FirebaseInstanceIdService

Reproduce Scenario (including but not limited to)

After build the the .apk
doing static analysing with MobSF

Steps to Reproduce

Platform and Version (eg. Android 5.0 or iOS 9.2.1)

Any

(Android) What device vendor (e.g. Samsung, HTC, Sony...)

Any

Cordova CLI version and cordova platform version

cordova --version                                    # e.g. 8.1.1
cordova platform version android                     # e.g. 4.1.1

Plugin version

cordova plugin version | grep phonegap-plugin-push   # e.g. 2.3.0

Logs taken while reproducing problem

The text was updated successfully, but these errors were encountered:

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security Error with android:exported=true #2938

Security Error with android:exported=true #2938

nmanikiran commented Jul 24, 2020

Security Error with android:exported=true #2938

Security Error with android:exported=true #2938

Comments

nmanikiran commented Jul 24, 2020

Expected Behaviour

Actual Behaviour

Reproduce Scenario (including but not limited to)

Steps to Reproduce

Platform and Version (eg. Android 5.0 or iOS 9.2.1)

(Android) What device vendor (e.g. Samsung, HTC, Sony...)

Cordova CLI version and cordova platform version

Plugin version

Logs taken while reproducing problem