CVE 2022-1130
Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app.
See the 
CVE page on Mitre.org
for more details.
