You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I’ve identified a security vulnerability related to the exposure of the internal representation in the “ThemeList.java” class.
Method getThemes() in the ThemeList.java class returns a direct reference to its private ‘themes’ list. Therefore, any caller can maliciously modify internal representation leading to data corruption. For example, the caller can perform the operation “themeList.getTHemes().clear()” and clear the data in the list.
The text was updated successfully, but these errors were encountered:
I’ve identified a security vulnerability related to the exposure of the internal representation in the “ThemeList.java” class.
Method getThemes() in the ThemeList.java class returns a direct reference to its private ‘themes’ list. Therefore, any caller can maliciously modify internal representation leading to data corruption. For example, the caller can perform the operation “themeList.getTHemes().clear()” and clear the data in the list.
The text was updated successfully, but these errors were encountered: