[cygx]

In order to be useful, a sandboxed program needs to communicate with the environment (the equivalent of system calls). If you can corrupt internal state, you can control the arguments to those calls, which may have security implications.

For example, if you corrupt a program that's allowed to use web sockets, you'll be able to port scan the user's local network.

[flohofwoe]

If that actually works in a browser wasm environment then it's also possible from Javascript, which is a memory safe language (eg either the sandbox works or it doesn't, that also includes the external APIs).

[cygx]

Sure. Under that perspective, it's basically a new vector for XSS attacks.