Quora: [Android] XSS via start ContentActivity
Summary: XSS via start ContentActivity using 'html' parameter. Description Include Impact: Arbitrary applications on Android can run the exported activities ContentActivity, ModalContentActivity and ActionBarContentActivity. Using intent extra parameter html we can pass javascript, which will be...