Command injection vulnerability: Using template literals with user-controllable path in shell command. Use array form or properly validate/sanitize the path before execution.

Command injection vulnerability: Using template literals with user-controllable path in shell command. Use array form or properly validate/sanitize the path before execution.
```suggestion
  execSync('chmod', ['+x', scriptPath], {
    stdio: "inherit",
    cwd: process.cwd(),
  })
  execSync(scriptPath, {
    stdio: "inherit",
    cwd: process.cwd(),
  })
```

_Originally posted by @Copilot in https://github.com/MunyayLLC/https-github.com-joe10832-onchaintestkit/pull/24#discussion_r2375102741_
            

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Command injection vulnerability: Using template literals with user-controllable path in shell command. Use array form or properly validate/sanitize the path before execution. #29

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Command injection vulnerability: Using template literals with user-controllable path in shell command. Use array form or properly validate/sanitize the path before execution. #29

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions