What are the security risks of scanning a QR code from an untrusted source?
If the QR code was constructed by an attacker, what can the attacker do to me? Do widely used QR scanners have any known vulnerabilities? What information can be stored in a QR code, how is it handled by QR scanners, and how could this be used by an attacker?
I know a QR code can contain a URL, and many readers will launch a browser to that URL, so a QR code could be used as a launching point to mount any attack that can successfully be exploited against my browser. Is there anything else? Can other data be stored in a QR code and automatically processed by the scanner?