CVE-2023-46322

Published: 2023-10-23T00:15Z

Last Modified: 2024-11-21T08:28Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alphanumeric. The hostname's other characters may be outside the set of alphanumeric characters, dash, and period. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt