How would this be exploited? Can you read the contents of a webview in another process? Your users would have to navigate somehow to an exploited page (via an ad)?