CVE-2021-3727

Vulnerability in rand-quote and hitokoto plugins Description: the rand-quote and hitokoto fetch quotes from quotationspage.com and hitokoto.cn respectively, do some process on them and then use print -P to print them. If these quotes contained the proper symbols, they could trigger command...

ohmyzsh 操作系统命令注入漏洞

ohmyzsh is an open source, community-driven framework for managing your zsh configuration. ohmyzsh suffers from an operating system command injection vulnerability that can be exploited by an attacker to trigger command injection via the rand-quote and hitokoto plugins...