Insecurely Configured FileProvider Exposes Brave's Cookie Database
Original Post:
We discussed this vulnerability during Episode 75 on 04 May 2021
Brave, when configuring its FileProvider, exposes every file from both its public and its private directories. This means another app could trigger a download of Brave's cookie database by requesting the content:// URL for it, which saves the file into the Downloads folder where any app can read it.
The author turns this into a remote vulnerability by taking advantage of the permission structure that allows a content:// page to load other content:// files. An attacker-controlled web page first triggers a download of the attacker's own malicious HTML file, and then, upon user interaction, triggers that file to be opened via its content:// URL. Once opened from that origin, the downloaded page can use JavaScript to fetch other files exposed by the provider, such as the cookie database, and send them to the attacker.
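As an added illustration, not Brave's actual configuration (the post does not reproduce it), here is the shape of an over-broad FileProvider path declaration next to a restricted one. The authority, file names and directory names are placeholders chosen for the example.

```xml
<!-- res/xml/file_paths.xml (hypothetical example, not Brave's real file) -->
<paths xmlns:android="http://schemas.android.com/apk/res/android">

    <!-- WEAK: <root-path> (supported by androidx FileProvider though not
         listed in its documentation) with an empty path maps the provider
         onto the filesystem root. Every file the app itself can read,
         including SQLite databases such as the cookie store in its private
         data directory, then resolves to
         content://<authority>/everything/<path-under-root>
         and can be read by any app that obtains or guesses the URI. -->
    <root-path name="everything" path="" />

</paths>
```

The corrected declaration exposes only the one subdirectory that actually needs to be shared, so a URI for the cookie database simply fails to resolve (hypothetical, as above):

```xml
<!-- res/xml/file_paths.xml (hypothetical corrected version) -->
<paths xmlns:android="http://schemas.android.com/apk/res/android">
    <!-- Only files under <internal files dir>/shared_exports/ are reachable,
         as content://<authority>/exports/<name>. -->
    <files-path name="exports" path="shared_exports/" />
</paths>
```

Two manifest settings go with this: the `<provider>` element should keep `android:exported="false"` and `android:grantUriPermissions="true"`, so a URI is readable by another app only while the app explicitly grants it (for example via an Intent with `FLAG_GRANT_READ_URI_PERMISSION`) rather than by anyone who can construct it. A quick check for an installed build is to query a URI under the suspected authority with `adb shell content read --uri content://<authority>/<path>` from the shell user; a provider that returns the file's bytes for a path it should not expose is misconfigured.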