HackApp vulnerability scanner discovered that application Parrot MINIKIT Neo 2 published at the βplayβ market has multiple vulnerabilities.
Code for 'DexClassLoader' could be tampered.
Control of WebView context allows to access local files.
WebView 'setJavaScriptEnabled(true)' could be exploited during cross-site scripting attacks.
Were do they point?
All items deleted with 'file.delete()' could be recovered.
Are you sure these files should be here?
Check certificate validation. Do not create or redefine X509Certificate class methods by yourself, if you don't understand risks. Use the existing API.
CPE | Name | Operator | Version |
---|---|---|---|
parrot minikit neo 2 | le | 1.1 |