Closed Bug 839227 Opened 12 years ago Closed 12 years ago

[settings] query selectors are vulnerable to injection type attacks

Categories

(Firefox OS Graveyard :: Gaia::Settings, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 828925

People

(Reporter: dchanm+bugzilla, Unassigned)

References

Details

The settings app appears to perform concatenation of user input when generating query selectors. A malformed query selector will cause a JS error

E/GeckoConsole( 371): [JavaScript Error: "SyntaxError: An invalid or illegal string was specified" {file: "app://settings.gaiamobile.org/js/settings.js" line: 40}]

STR
1. Go to Settings -> Internet Sharing -> Hotspot settings
2. Change SSID network name to (with quotes) a"][b="
3. Press OK
4. Notice no error in `adb logcat`
5. Change SSID network name to a"][b=
6. Press OK
7. Notice that network "name" has not been updated and the above error in `adb logcat`

Expected
No error, network name updated

I'm using the Internet Sharing feature as an example. There may be other fields with similar bugs. I am unsure of the severity of this issue. If a malicious app could change user input / interact with the settings apps, it may cause the settings app to retrieve incorrect settings values.
blocking-b2g: --- → leo?
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
blocking-b2g: leo? → ---
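Added example, not part of the original report and not Gaia's code: it shows why the value in step 2 raises no error (its quotes balance, so it parses as two attribute selectors) while the value in step 5 raises a SyntaxError, and how escaping the value keeps it as data. The `option[value="..."]` template and the function names are assumptions; the code at settings.js line 40 is not shown on this page.

```javascript
// Added example. The selector template is an assumption for illustration,
// not the code at settings.js line 40.
function unsafeSelector(value) {
  return 'option[value="' + value + '"]';
}

// Escape a value for use inside a double-quoted CSS string. Browsers offer
// CSS.escape() for this; it is written out here so the example runs in Node.
function cssString(value) {
  return String(value)
    .replace(/[\\"]/g, '\\$&')
    .replace(/[\n\r\f]/g, (c) => '\\' + c.charCodeAt(0).toString(16) + ' ');
}

function safeSelector(value) {
  return 'option[value="' + cssString(value) + '"]';
}

// Minimal parser for tag[attr="string"]... selectors (a subset of CSS).
// Returns the [attr, value] pairs, or throws SyntaxError as querySelector would.
function parseAttrs(selector) {
  const attrs = [];
  let i = selector.search(/\[|$/); // skip the tag name
  while (i < selector.length) {
    const head = /^\[([A-Za-z_][\w-]*)="/.exec(selector.slice(i));
    if (!head) throw new SyntaxError('bad attribute selector at ' + i);
    i += head[0].length;
    let value = '';
    while (selector[i] !== '"') {
      if (i >= selector.length) throw new SyntaxError('unterminated string');
      if (selector[i] === '\\') {
        // A backslash starts either a hex escape or a literal next character.
        const hex = /^[0-9a-f]{1,6} ?/i.exec(selector.slice(++i));
        if (hex) {
          value += String.fromCodePoint(parseInt(hex[0], 16));
          i += hex[0].length;
          continue;
        }
      }
      value += selector[i++];
    }
    if (selector[i + 1] !== ']') throw new SyntaxError('expected ] at ' + (i + 1));
    attrs.push([head[1], value]);
    i += 2;
  }
  return attrs;
}
```

With the unescaped template, the step 2 value yields a selector that matches on a second attribute `b`, which is the silent "incorrect settings values" case; with `safeSelector` both values parse as a single `value` attribute holding the literal text.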