appsec @infosec.pub npm search RCE? - Escape Sequence Injection
cybersecurity @infosec.pub npm search RCE? - Escape Sequence Injection
appsec @infosec.pub It’s not a Feature, It’s a Vulnerability
cybersecurity @infosec.pub It’s not a Feature, It’s a Vulnerability
Security @lemmy.ml From Terminal Output to Arbitrary Remote Code Execution
Exploit Development @infosec.pub From Terminal Output to Arbitrary Remote Code Execution
cybersecurity @infosec.pub From Terminal Output to Arbitrary Remote Code Execution
/c/cybersecurity - Cybersecurity News & Discussion @lemmy.ml From Terminal Output to Arbitrary Remote Code Execution
Security @programming.dev From Terminal Output to Arbitrary Remote Code Execution
appsec @infosec.pub From Terminal Output to Arbitrary Remote Code Execution
That is very true.I do think that there's more depth to it than that. For example, dealing with it on the end of the terminal will probably break compatibility, and dealing with it on the app end will require every single dev to start sanitizing this. The challenges are real.