CWE-927

Use of Implicit Intent for Sensitive Communication

The Android application uses an implicit intent for transmitting sensitive data to other applications.

Mitigation

Phase: Implementation

Description:

  • If the application only requires communication with its own components, then the destination is always known, and an explicit intent could be used.

No CAPEC attack patterns related to this CWE.

Back to CWE stats page