Tencent
Cross-Site Scripting: Inter-Component Communication
https://github.com/Tencent/VasSonic/blob/59936beff656d4b5718ff6444d6c5e001a2c5231/sonic-android/sample/src/main/java/com/tencent/sonic/demo/BrowserActivity.java#L71-L72 https://github.com/Tencent/VasSonic/blob/59936beff656d4b5718ff6444d6c5e001a2c5231/sonic-android/sample/src/main/java/com/tencent/sonic/demo/BrowserActivity.java#L111-L113 https://github.com/Tencent/VasSonic/blob/59936beff656d4b5718ff6444d6c5e001a2c5231/sonic-android/sample/src/main/java/com/tencent/sonic/demo/BrowserActivity.java#L188 https://github.com/Tencent/VasSonic/blob/59936beff656d4b5718ff6444d6c5e001a2c5231/sonic-android/sdk/src/main/java/com/tencent/sonic/sdk/SonicSessionClient.java#L35-L37 https://github.com/Tencent/VasSonic/blob/59936beff656d4b5718ff6444d6c5e001a2c5231/sonic-android/sdk/src/main/java/com/tencent/sonic/sdk/StandardSonicSession.java#L124 https://github.com/Tencent/VasSonic/blob/59936beff656d4b5718ff6444d6c5e001a2c5231/sonic-android/sample/src/main/java/com/tencent/sonic/demo/SonicSessionClientImpl.java#L40-L41
Sending unvalidated data to a web browser can result in the browser executing malicious code.
