Name of the Vulnerable Software and Affected Versions: Passbolt (affected versions not specified)

Description: The issue allows a user to inject bash code during the installation stage of Passbolt, as the system does not perform escaping or verification on the input provided for the username, e-mail address, and optional comment. The impact of this issue is high, but the probability of exploitation is low due to its limitation to the installation stage.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.