Superchupudev

#42710 of 53,633
6.2 Total CVSS
Vulnerabilities · 1
PT-2024-25686
6.2
2024-05-03
Kurwov · Kurwov · CVE-2024-34075
**Name of the Vulnerable Software and Affected Versions**
kurwov versions prior to 3.2.5

**Description**
The issue arises from an unsafe sanitization of dataset contents on the `MarkovData#getNext` method used in `Markov#generate` and `Markov#choose`. This allows a maliciously crafted string on the dataset to throw and stop the function from running properly. If a string contains a forbidden substring (i.e. `__proto__`) followed by a space character, the code will access a special property in `MarkovData#finalData` by removing the last character of the string, bypassing the dataset sanitization. Any dataset can be contaminated with the substring, making it unable to properly generate anything in some cases.

**Recommendations**
For kurwov versions prior to 3.2.5, upgrade to version 3.2.5 to address the issue. As a temporary workaround, consider avoiding the use of the `MarkovData#getNext` method or restricting access to contaminated datasets until the upgrade is applied. Additionally, refrain from using the `__proto__` substring in dataset strings to minimize the risk of exploitation.
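
The check-then-normalise ordering described above, next to a hardened lookup, as an added example that is not kurwov's source code. It assumes the forbidden substring is `__proto__`; the function names, the `FORBIDDEN` set and the sample table are hypothetical.

```javascript
// Added illustration: simplified, hypothetical model of the flaw (not kurwov's code).
const FORBIDDEN = new Set(["__proto__", "constructor", "prototype"]);

// The sanitizer compares the raw token, so "__proto__ " (trailing space) passes.
const isAllowed = (token) => !FORBIDDEN.has(token);

// Strip one trailing space, mirroring "removing the last character of the string".
const normalise = (token) => (token.endsWith(" ") ? token.slice(0, -1) : token);

// Weak form: the key is normalised AFTER the check and read from a plain object.
function getNextUnsafe(finalData, token) {
  if (!isAllowed(token)) return null;
  const candidates = finalData[normalise(token)]; // "__proto__" -> Object.prototype
  if (candidates === undefined) return null;
  return candidates[0].toLowerCase(); // candidates[0] is undefined -> TypeError
}

// Hardened form: normalise first, check the normalised key, read own keys only.
function getNextSafe(finalData, token) {
  const key = normalise(token);
  const own = Object.prototype.hasOwnProperty.call(finalData, key);
  if (!isAllowed(key) || !own) return null;
  return finalData[key][0].toLowerCase();
}

// Constructed sample table standing in for MarkovData#finalData.
const sampleData = { hello: ["World"] };

// Run a lookup and report whether it returned or threw.
function probe(fn, token) {
  try {
    return { ok: true, value: fn(sampleData, token) };
  } catch (e) {
    return { ok: false, error: e.constructor.name };
  }
}

console.log(probe(getNextUnsafe, "__proto__ "));
console.log(probe(getNextSafe, "__proto__ "));
```

Storing the table in a `Map`, or in an object created with `Object.create(null)`, removes the inherited properties altogether, so no key can resolve to `Object.prototype`.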