1 matches found
In zsh before 5.8.1 an attacker can achieve code execution if they control a command output inside the prompt as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.
...