In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Zsh | Zsh | * | 5.8.1 (excluding) |