Re: [EXTERNAL] RE: AW: Re busybox tar hidden filename exploit

On 15 July 2024 16:39 David Laight wrote: > On 03 July 2024 01:29 'Michael Conrad' wrote: > > The underlying root problem here is the same as SQL injection or HTML > > cross-site scripting attacks. You have data, and you emit it in a > > context that is expecting a language/protocol > I'm sure s

Re: [EXTERNAL] Re: AW: Re busybox tar hidden filename exploit

From: busybox on behalf of Michael Conrad mcon...@intellitree.com > The underlying root problem here is the same as SQL injection or HTML > cross-site scripting attacks. > You have data, and you emit it in a context that is expecting a > language/protocol of some