Access of Android protected components via embedded intent
Critical
S
Slack
Submitted None
Team Summary
Official summary from Slack
@bagipro found a vulnerability wherein a malicious and unprivileged app on the victim's phone could interact with any activity in the Slack Android app, allowing manipulation of the app in unintended ways. Thanks for the finding @bagipro!
Actions:
Reported by
bagipro
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Privilege Escalation