Unknown · Tinyfiledialogs · CVE-2023-47104
**Name of the Vulnerable Software and Affected Versions**
tinyfiledialogs versions prior to 3.15.0
**Description**
The issue allows shell metacharacters, such as a backquote or a dollar sign, in titles, messages, and other input data. This problem exists due to an incomplete fix for a previous issue, which only considered single and double quote characters.
**Recommendations**
For versions prior to 3.15.0, update to version 3.15.0 or later to resolve the issue.
As a temporary workaround, consider restricting the use of shell metacharacters in input data to minimize the risk of exploitation.