An issue in iOS WebView that is trivial to exploit can give an attacker the ability to trigger phone calls from a targeted device. An attacker would merely need to send the victim a link that would redirect to a site hosting the attacker s HTML code. The risks to the user include ramped up charges to premium numbers, or worse, denial-of-service attacks similar to one last week that landed an Arizona man in jail for an exploit that allowed users to flood 911 call centers with calls just with one click.
Source: https://threatpost.com/ios-webview-problem-allows-attackers-to-initiate-phone-calls/121865/