CVE-2023-46918 Information

Description

Phlox com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus has an Android manifest file that contains an entry with the android:allowBackup attribute set to true. This could be leveraged by an attacker with physical access to the device.

Reference

https://github.com/actuator/com.phlox.simpleserver/blob/main/CWE-321.md