SettingsFragment.java, MainActivity.java
- Port validation ( no range check )
- IP/hostname: accepts any string no Inet validation done
- Video resolution parsing in
MainActivity.java splits resolution with x delimiter without properly handling it if bad preference entered.
- OAuth token endpoint - no URL format check
Security Issue:
- Passwords/tokens stored in plaintext
SettingsFragment.java,MainActivity.javaMainActivity.javasplits resolution with x delimiter without properly handling it if bad preference entered.Security Issue: