2023-10-22 00:00:00
mitre
PUBLISHED
iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostnames initial character may be non-alphanumeric. The hostnames other characters may be outside the set of alphanumeric characters, dash, and period.