Missing shell_quote calls in close_altfile function in filename.c in less before version 606 allows for LESSCLOSE vulnerability.

Missing shell_quote calls in close_altfile function in filename.c in less before version 606 allows for LESSCLOSE vulnerability.

CVE-2022-48624 · Severity

close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.

Learn more about our Web Application Penetration Testing UK.