A Same Origin Policy (SOP) bypass vulnerability has been identified in the Android browser installed by default on versions of the operating system prior to 4.4, a researcher revealed on Thursday.