The software uses a handler for a custom URL scheme, but it does not properly restrict which actors can invoke the handler using the scheme.