com.twitter.android.WidgetSettingsActivity extend PreferenceActivity and export.
By entering the appropriate extra intent can call any of its internal fragment.
So do not export...

**Summary:**
XSS via start ContentActivity using 'html' parameter.

**Description (Include Impact):**
Arbitrary applications on Android can run the exported activities ContentActivity,...