I’m trying to understand the mechanics of WebKit vulnerabilities, such as CVE-2023-42916, which involve processing malicious web content. Specifically, I want to know if these vulnerabilities can be exploited by simply processing a link, without the user actively opening the webpage.