...
This vulnerability was fixed in Twicca v0.9.31. Instead of declaring the activity exported="false" in AndroidManifest.xml, Twicca fixed this vulnerability by validating the caller of this activity. In the onCreate() method of the activity class, code was added to check if the package name of the caller is the same as the package name of itself. If the package names are different, the activity exits:
...
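A sketch of the caller check described above, as an added example rather than Twicca's own code. The class name SensitiveActivity and the field name are hypothetical; the Android calls used are Activity.getCallingActivity(), getPackageName() and finish().

```java
import android.app.Activity;
import android.content.ComponentName;
import android.net.Uri;
import android.os.Bundle;

// Hypothetical activity; the name is an assumption made for this example.
public class SensitiveActivity extends Activity {
    private Uri data;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);

        if (!isCalledFromOwnPackage()) {
            // Exit before reading any intent data or acting on the request.
            finish();
            return;
        }

        // Only reached when the caller belongs to this application's package.
        data = getIntent().getData();
    }

    private boolean isCalledFromOwnPackage() {
        // getCallingActivity() is populated only when the caller used
        // startActivityForResult(); after a plain startActivity() it is null.
        // Null is treated as an untrusted caller, so the check fails closed.
        ComponentName caller = getCallingActivity();
        return caller != null
                && getPackageName().equals(caller.getPackageName());
    }
}
```

Because the check fails closed on a null caller, the application's own components must launch this activity with startActivityForResult() for the check to pass.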
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
DRD09-J | High | Probable | Medium | P12 | L1 |
...