Shell escape cc4m_logo_inline

IDSECURITY-2
TitleDo not use the shell escape function.
PriorityMandatory
Severity level3
DescriptionDo not use the shell escape function. If necessary, use the system function instead.
RationaleWhen using the !program_to_execute syntax to execute external programs, no dynamic input or program names can be used.
ExceptionApplication development.

Avoid:

!mycommand

Instead use:

system('mycommand')