PT-2023-30311 · Unknown · Tinyfiledialogs

Ytvwldo · Published 2023-10-30 · Updated 2024-09-09 · CVE-2023-47104

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

tinyfiledialogs versions prior to 3.15.0

Description

The issue allows shell metacharacters, such as a backquote or a dollar sign, in titles, messages, and other input data. This problem exists due to an incomplete fix for a previous issue, which only considered single and double quote characters.

Recommendations

For versions prior to 3.15.0, update to version 3.15.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of shell metacharacters in input data to minimize the risk of exploitation.
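The temporary workaround can be applied in the calling application before any text reaches the dialog library. The following is an added example, not code from tinyfiledialogs or from this advisory: the function names and the deny-list are assumptions, and the quotes-only check is only a model of the incomplete fix the description mentions.

```c
#include <stdio.h>
#include <string.h>

/* Assumed deny-list: the quotes handled by the earlier fix, the backquote and
   dollar sign named in the advisory, and other POSIX shell operators. */
static const char SHELL_META[] = "'\"`$\\;&|<>(){}[]*?!~#\n\r";

/* Model of the incomplete fix: only single and double quotes are rejected. */
int quotes_only_check(const char *s)
{
    return s != NULL && strpbrk(s, "'\"") == NULL;
}

/* Workaround check (hypothetical helper): 1 if s has no shell metacharacter. */
int dialog_text_is_safe(const char *s)
{
    return s != NULL && strpbrk(s, SHELL_META) == NULL;
}

/* Copy src into dst (capacity cap), replacing each metacharacter with '_'.
   Returns the number of replaced characters; dst is always NUL-terminated. */
size_t sanitize_dialog_text(char *dst, size_t cap, const char *src)
{
    size_t i = 0, replaced = 0;
    if (dst == NULL || cap == 0)
        return 0;
    for (; src != NULL && src[i] != '\0' && i + 1 < cap; i++) {
        if (strchr(SHELL_META, src[i]) != NULL) {
            dst[i] = '_';
            replaced++;
        } else {
            dst[i] = src[i];
        }
    }
    dst[i] = '\0';
    return replaced;
}

int main(void)
{
    /* Constructed sample inputs for a dialog title or message. */
    const char *samples[] = { "Save changes to report.txt",
                              "Backup `cmd` done", "Total: $(cmd)" };
    char clean[64];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        sanitize_dialog_text(clean, sizeof clean, samples[i]);
        printf("quotes-only=%d full=%d sanitized=\"%s\"\n",
               quotes_only_check(samples[i]),
               dialog_text_is_safe(samples[i]), clean);
    }
    return 0;
}
```

The second and third samples pass the quotes-only check but are rejected by the full check, which is the gap the description attributes to the earlier fix.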

Exploit

Fix

OS Command Injection

Command Injection


Weakness Enumeration

Related identifiers

CVE-2023-47104

Affected products

Tinyfiledialogs