Polo-Sec

**Name of the Vulnerable Software and Affected Versions** Terraform WinDNS Provider versions prior to 1.0.5 **Description** A security issue has been found in the Terraform WinDNS Provider, where the `windns record` resource did not sanitize the input variables, leading to authenticated command injection in the underlying PowerShell command prompt. **Recommendations** For versions prior to 1.0.5, update to version 1.0.5 to resolve the issue. As a temporary workaround, consider sanitizing the input variables for the `windns record` resource to prevent command injection.