During external URI handler invocation ability to insert handler arguments via '-' is not checked.
vulners.com/securityvulns/securityvulns:doc:6224