CVE-2017-17520
The CVE-2017-17520 issue affects TIN 2.4.1: tools/url_handler.pl does not validate strings before launching the program specified by the BROWSER environment variable, which can allow remote attackers to perform argument-injection via a crafted URL. This is documented in multiple sources (NVD entr...