70174d2a98
Because we are running cmd.exe here, it is possible to use a malicious URL to execute arbitrary commands on the shell ( e.g. if url=http://my-patch-notes.com/" & del C:\ ) (Triggered by internal security audit and Fortify analysis.)