...
The first ten methods shown in the table can be invoked on a Class object. Care must be taken when using these APIs. In particular, trusted code should not accept Class objects from untrusted code for further use. For example, if trusted code is loaded by the bootstrap class loader, it can create an instance of a sensitive system class by using the newInstance() method on the Class object. If the method that creates the instance is visible to untrusted code, no security manager checks are carried out to prohibit the untrusted code from indirectly creating the class instance (untrusted code must pass the class loader comparison check). Similarly, instances of trusted Class objects should not be returned to untrusted code. Security vulnerabilities can arise if the untrusted code's class loader is the same as or the delegation ancestor of the trusted code's class loader.
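
The pattern described above, next to one way to avoid it, as an added example that is not code from the original page. TrustedFactory, Report, TextReport, CsvReport and the "text"/"csv" keys are hypothetical names chosen for illustration.

```java
import java.util.Map;
import java.util.function.Supplier;

public final class TrustedFactory {

    // Hypothetical stand-ins for the types trusted code is willing to build.
    public interface Report { String render(); }
    static final class TextReport implements Report {
        public String render() { return "text"; }
    }
    static final class CsvReport implements Report {
        public String render() { return "a,b"; }
    }

    // Pattern the passage warns about: a publicly visible method that takes a
    // Class object from its caller and instantiates it. The immediate caller of
    // newInstance() is TrustedFactory, so the class loader comparison is made
    // for this class, not for the code that supplied the Class object.
    @SuppressWarnings("deprecation") // Class.newInstance() is deprecated since Java 9
    public static Object createUnsafe(Class<?> supplied) throws ReflectiveOperationException {
        return supplied.newInstance();
    }

    // Hardened form: callers pass a key, never a Class object. The set of
    // instantiable types is fixed by the trusted code itself.
    private static final Map<String, Supplier<Report>> ALLOWED = Map.of(
        "text", TextReport::new,
        "csv", CsvReport::new);

    public static Report create(String kind) {
        Supplier<Report> ctor = (kind == null) ? null : ALLOWED.get(kind);
        if (ctor == null) {
            throw new IllegalArgumentException("unsupported report kind: " + kind);
        }
        return ctor.get();
    }

    public static void main(String[] args) throws Exception {
        // createUnsafe builds whatever type the caller hands in.
        System.out.println(createUnsafe(StringBuilder.class).getClass().getName());
        // create only builds types the trusted code listed.
        System.out.println(create("csv").render());
        try {
            create("java.lang.StringBuilder");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```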
...