Command Injection

cookiecutter is vulnerable to command injection. The vulnerability exists in the clone function in vcs.py due to a lack of sanitization in checkout parameter which allows an attacker to inject and execute arbitrary codes...