Remote Command Execution via Window Title Modification

Remote Command Execution via Window Title Modification

CVE-2015-8971 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that modify the window title and then are written to the terminal, a similar issue to CVE-2003-0063.

Learn more about our Web Application Penetration Testing UK.